20 matches found
CVE-2026-49216
Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, the Stimulus controller in symfony/ux-autocomplete renders AJAX response items in createAutocompleteWithRemoteData by interpolating the text field into HTML template literals $itemlabelField rather than text,...
CVE-2026-49216 Symfony UX: XSS in symfony/ux-autocomplete via unescaped AJAX response data
Symfony UX is a JavaScript ecosystem for Symfony. From 2.2.0 until 2.36.0 and 3.1.0, the Stimulus controller in symfony/ux-autocomplete renders AJAX response items in createAutocompleteWithRemoteData by interpolating the text field into HTML template literals $itemlabelField rather than text,...
CVE-2026-49216
CVE-2026-49216 (Symfony UX Autocomplete) : The Stimulus controller in symfony/ux-autocomplete renders AJAX response items by interpolating item[labelField] directly into HTML, causing stored XSS when values come from user-supplied content. Affected: 2.2.0 through 2.36.0 and 3.1.0. Impact is that ...
CVE-2026-49212 Symfony UX: LiveComponentHydrator HMAC checksum lacks component and slot binding
Symfony UX is a JavaScript ecosystem for Symfony. From 2.8.0 until 2.36.0 and 3.1.0, the HMAC computed by Symfony\UX\LiveComponent\LiveComponentHydrator covered only sorted prop key/value pairs and did not include the component name, the slot identifier props vs propsFromParent, or request contex...
CVE-2026-49212
The CVE-2026-49212 issue affects Symfony UX LiveComponent: the HMAC used to protect read-only props and the propsFromParent blob did not bind to component name, slot, or request context, allowing a signed blob for one component/slot to be replayed on another and potentially set a read-only prop. ...
CVE-2026-49209 Symfony UX: Denial of service in symfony/ux-live-component via unbounded batch action requests
Symfony UX is a JavaScript ecosystem for Symfony. From 2.5.0 until 2.36.0 and 3.1.0, Symfony\UX\LiveComponent\Controller\BatchActionController::invoke iterates over the client-supplied actions array and issues a full HttpKernel sub-request for each entry; because the array size is never bounded, ...
CVE-2026-49209
The CVE-2026-49209 issue affects Symfony UX LiveComponent’s BatchActionController::__invoke(), which iterates over client-supplied actions and issues a full HttpKernel sub-request per entry. With unbounded action arrays, an authenticated attacker can submit a single _batch request containing thou...
Improper Neutralization of Special Elements in Data Query Logic
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic in the EntitySearchUtil::addSearchClause function in the autocomplete endpoint. The endpoint constructs SQL query with LIKE expression without escaping the SQL LIKE wildcar...
cache-extensions (>=1.9.1 <=1.14.1) potentially affected by CVE-2026-46420 via setup-php (>=2.25.0 <=2.36.0)
setup-php NPM version =2.25.0, =1.9.1, =1.14.1 Source cves: CVE-2026-46420 Source advisory: SNYK:JS-SETUPPHP-16874161...
CVE-2026-42281 MagicMirror²: Unauthenticated SSRF via /cors endpoint
MagicMirror² is an open source modular smart mirror platform. Prior to 2.36.0, an unauthenticated Server-Side Request Forgery SSRF vulnerability in the /cors endpoint allows any remote attacker to force the MagicMirror² server to perform arbitrary HTTP requests to internal networks, cloud metadat...
CVE-2026-42281 MagicMirror²: Unauthenticated SSRF via /cors endpoint
MagicMirror² is an open source modular smart mirror platform. Prior to 2.36.0, an unauthenticated Server-Side Request Forgery SSRF vulnerability in the /cors endpoint allows any remote attacker to force the MagicMirror² server to perform arbitrary HTTP requests to internal networks, cloud metadat...
EUVD-2026-30313
MagicMirror² is an open source modular smart mirror platform. Prior to 2.36.0, an unauthenticated Server-Side Request Forgery SSRF vulnerability in the /cors endpoint allows any remote attacker to force the MagicMirror² server to perform arbitrary HTTP requests to internal networks, cloud metadat...
Server-side Request Forgery (SSRF)
Overview magicmirror is a The open source modular smart mirror platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the cors endpoint, which acts as an open HTTP proxy without authentication or URL validation. An attacker can force the server to make...
Linux Distros Unpatched Vulnerability : CVE-2022-30293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WebKitGTK through 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in...
SUSE CVE-2022-30293
In WebKitGTK through 2.36.0 and WPE WebKit, there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp...
CVE-2021-29622 affecting package prometheus for versions less than 2.36.0-2
CVE-2021-29622 affecting package prometheus for versions less than 2.36.0-2. An upgraded version of the package is available that resolves this issue...
WebKitGTK 缓冲区错误漏洞
WebKitGTK is a full-featured port of the WebKit rendering engine for projects that require any type of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. It provides the full functionality of WebKit for a wide range of systems from desktop computers to embedded syste...
PT-2022-3506 · Apple +7 · Webkitgtk +8
Name of the Vulnerable Software and Affected Versions: WebKitGTK versions through 2.36.0 WPE WebKit versions through 2.36.0 Description: The issue is related to a heap-based buffer overflow in the WebCore::TextureMapperLayer::setContentsLayer function, located in...
Updated webkit2 packages fix security vulnerability
The webkit2 package has been updated to version 2.36.0, fixing several security issues and other bugs...
ai.preferred:venom (>=4.1.3 <=4.2.5), at.ganzleicht.vaadin:vaadin-client-compiler (>=9.1.1 <=9.1.2) +1594 more potentially affected by CVE-2020-5529 via net.sourceforge.htmlunit:htmlunit (>=1.14 <=2.36.0)
net.sourceforge.htmlunit:htmlunit MAVEN version =1.14, =4.1.3, =9.1.1, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =1, =0.9.6, =0.9.6, =0.1.1, =0.5.0, =0.11.1, =0.30.0 and more Source cves: CVE-2020-5529 Source advisory: OSV:GHSA-5MH9-R3RR-9597...