CVE-2026-5061

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

BIT-CONSUL-2026-5061 Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

CVE-2026-5061

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

Security Bulletin: Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

Summary The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0. Vulnerability Details CVEID:CVE-2026-5061 DESCRIPTION:...

CVE-2026-5061 Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

CVE-2026-5061

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

CVE-2026-5061

The affected software is consul-template. Before version 0.42.0, the library’s file template helper is vulnerable to a sandbox path bypass that may allow reading an out-of-sandbox file. The underlying issue is a path bypass in the file template helper, enabling access outside the intended sandbox...

CVE-2026-5061 Consul-template vulnerable to sandbox path bypass in file helper via a symlink attack

The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an out-of-sandbox file. This vulnerability CVE-2026-5061 is fixed in consul-template 0.42.0...

HashiCorp Tooling 后置链接漏洞

HashiCorp Tooling is a series of software tools developed by HashiCorp Inc., aimed at infrastructure automation, cloud resource management, and security operations. Versions of HashiCorp Tooling prior to 0.42.0 contained a postback link vulnerability. This vulnerability stemmed from a sandbox pat...

OPENSUSE-SU-2026:10573-1 cpp-httplib-devel-0.42.0-1.1 on GA media

These are all security issues fixed in the cpp-httplib-devel-0.42.0-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2024-1180

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-22189

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory sending a large number of...

Linux Distros Unpatched Vulnerability : CVE-2025-31130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it...

CVE-2024-32884

gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for text that the external ssh program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clo...

SUSE CVE-2025-31130

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations...

CVE-2025-31130

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations...

UBUNTU-CVE-2025-31130

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations...

gitoxide 安全漏洞

gitoxide is a git implementation written in Rust by the individual developer Sebastian Thiel. A security vulnerability exists in gitoxide versions prior to 0.42.0, which stems from a lack of collision detection in the SHA-1 hash implementation and could lead to a hash collision attack...

PT-2025-14868 · Gitoxide · Gitoxide

Name of the Vulnerable Software and Affected Versions: gitoxide versions prior to 0.42.0 Description: The issue arises from gitoxide's use of SHA-1 hash implementations without collision detection, making it vulnerable to hash collision attacks. This means two distinct Git objects with colliding...

@account-kit/react (>=4.0.0 <=4.88.4), @account-kit/react-native (>=4.15.0 <=4.88.4) +50 more potentially affected by CVE-2024-57068 via @tanstack/form-core (>=0.0.1 <=0.42.0)

@tanstack/form-core NPM version =0.0.1, =4.0.0, =4.15.0, =3.13.0, =0.0.1, =0.1.1, =0.0.1, =1.0.0, =0.3.5, =0.3.3, =3.0.0 and more Source cves: CVE-2024-57068 Source advisory: OSV:GHSA-GGV3-VMGW-XV2Q...