GHSA-574P-6FW4-4HW8 Withdrawn Advisory: Pulp Improper Path Parsing

Withdrawn Advisory This advisory has been withdrawn because the package pulpcore deals with pulp 3 only. This advisory concerns pulp 2, which is not in a supported ecosystem. Original Description pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a...

CVE-2018-10917

pulp 2.16.x and possibly older is vulnerable to an improper path parsing. A malicious user or a malicious iso feed repository can write to locations accessible to the 'apache' user. This may lead to overwrite of published content on other iso repositories...

PT-2018-10181 · Pulp · Pulp

Name of the Vulnerable Software and Affected Versions: pulp versions 2.16.x and earlier Description: The issue is related to improper path parsing, allowing a malicious user or a malicious iso feed repository to write to locations accessible to the 'apache' user. This could lead to the overwrite ...

Git for Windows 2.13.x < 2.13.7 / 2.14.x < 2.14.4 / 2.15.x < 2.15.2 / 2.16.x < 2.16.4 / 2.17.x < 2.17.1 Remote Code Execution

The version of Git for Windows installed on the remote host is 2.13.x prior to 2.13.7, 2.14.x prior to 2.14.4, 2.15.x prior to 2.15.2, 2.16.x prior to 2.16.4 or 2.17.x prior to 2.17.1. It is, therefore, affected by a remote code execution vulnerability. C Tenable Network Security, Inc...

SeaMonkey 2.16.x < 2.16.1 nsHTMLEditor User-After-Free

Binary data 6723.prm...

CVE-2004-0704

Unknown vulnerability in 1 duplicates.cgi and 2 buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.18 before 2.18rc1, when configured to hide products, allows remote attackers to view hidden products...

CVE-2004-0707

SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL...