CVE-2026-2255

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, expose Hadoop cluster credentials in plain text through the Cluster Test API. Although the user should not see those explicitly, the defect is mitigated by the fact the user can...

CGA-2255-2H2P-73Q2

Bulletin has no description...

EUVD-2026-2255

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Avoid NULL pointer deref for evicted BOs It is possible for a BO to exist that is not currently associated with a resource, e.g. because it has been evicted. When devcoredump tries to read the contents of all BOs for...

MINI-2255-6QPC-QX6C

Bulletin has no description...

EUVD-2008-6959

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-2255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain...

RLSA-2025:4791 Moderate: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

TencentOS Server 3: python39:3.9 (TSSA-2025:0340)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0340 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

AlmaLinux 8 : python39:3.9 (ALSA-2025:4791)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:4791 advisory. modwsgi: Trusted Proxy Headers Removing Bypass CVE-2022-2255 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

Oracle Linux 8 : python39:3.9 (ELSA-2025-4791)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4791 advisory. modwsgi 4.7.1-7.1 - Resolves: RHEL-87514 - CVE-2022-2255 python39:3.9/modwsgi: Trusted Proxy Headers Removing Bypass numpy python39 python3x-pip...

Moderate: Red Hat Security Advisory: python39:3.9 security update

An update for the python39:3.9 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

RHEL 8 : python39:3.9 (RHSA-2025:4791)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4791 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

ALSA-2025:4791 Moderate: python39:3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

python39:3.9 security update

modwsgi 4.7.1-7.1 - Resolves: RHEL-87514 - CVE-2022-2255 python39:3.9/modwsgi: Trusted Proxy Headers Removing Bypass numpy python39 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography python-idna python-lxml python-ply python-psutil python-psycopg2...

GitLab 13.5.0 < 17.8.6 / 17.9 < 17.9.3 / 17.10 < 17.10.1 (CVE-2025-2255)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site...

CVE-2025-2255 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site Scripting attacks XSS. for AppSec...

CVE-2025-2255

GitLab EE/CE AppSec is affected by CVE-2025-2255, with XSS due to error messages in versions 13.5.0–before 17.8.6, 17.9–before 17.9.3, and 17.10–before 17.10.1. The issue is rooted in improper output/handling of error messages, allowing cross-site scripting. Several connected sources corroborate ...

CVE-2025-2255

Removed by vendor...

Linux Distros Unpatched Vulnerability : CVE-2022-2255

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP...