CVE-2025-6203

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become...

CVE-2025-6203

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become...

HashiCorp Vault Enterprise和HashiCorp Vault Community Edition 安全漏洞

HashiCorp Vault Enterprise and HashiCorp Vault Community Edition are both products of HashiCorp, Inc. of the U.S.A. HashiCorp Vault Enterprise is an enterprise information archiving platform.HashiCorp Vault HashiCorp Vault Enterprise is an enterprise information archiving platform and HashiCorp...

Security fix for the ALT Linux 10 package golang version 1.19.9-alt1

1.19.9-alt1 built May 3, 2023 Alexey Shabalin in task 319734 May 2, 2023 Alexey Shabalin - New version 1.19.9 Fixes: CVE-2023-24539, CVE-2023-24540, CVE-2023-29400...

SUSE CVE-2022-24723

URI.js is a Javascript URL mutation library. Before version 1.19.9, whitespace characters are not removed from the beginning of the protocol, so URLs are not parsed properly. This issue has been patched in version 1.19.9. Removing leading whitespace from values before passing them to URI.parse ca...

CVE-2022-24723

URI.js is a Javascript URL mutation library. Before version 1.19.9, whitespace characters are not removed from the beginning of the protocol, so URLs are not parsed properly. This issue has been patched in version 1.19.9. Removing leading whitespace from values before passing them to URI.parse ca...

Input validation

URI.js is a Javascript URL mutation library. Before version 1.19.9, whitespace characters are not removed from the beginning of the protocol, so URLs are not parsed properly. This issue has been patched in version 1.19.9. Removing leading whitespace from values before passing them to URI.parse ca...

GHSA-GMV4-R438-P67F Leading white space bypasses protocol validation

Impact Whitespace characters are not removed from the beginning of the protocol, so URLs are not parsed properly and protocol validation mechanisms may fail. Patches Patched in 1.19.9 Workarounds Remove leading whitespace from values before passing them to URI.parse e.g. via .hrefvalue or new...

PT-2022-16831 · Uri.Js · Uri.Js

Name of the Vulnerable Software and Affected Versions: URI.js versions prior to 1.19.9 Description: The issue arises from whitespace characters not being removed from the beginning of the protocol, resulting in improper URL parsing. This can cause protocol validation mechanisms to fail. The probl...

SUSE-RU-2021:2194-1 Recommended update for the Azure and AWS SDKs

This update for the SLE Public Cloud module provides the following fixes: Azure SDK update: This update for the Azure SDK and CLI adds support for the AHB Azure Hybrid Benefit. bsc1176784, jscECO-3105 AWS SDK update: This update for the AWS SDK updates python-boto3 to version 1.17.9 and aws-cli t...

CVE-2013-6451

Cross-site scripting XSS vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values...