138 matches found
com.github.liuyueyi.media:svg-core (>=2.5 <=3.0.0) potentially affected by CVE-2026-24806 via com.github.liuyueyi.media:batik-codec-fix (>=2.5 <=3.0.0)
com.github.liuyueyi.media:batik-codec-fix MAVEN version =2.5, =2.5, =3.0.0 Source cves: CVE-2026-24806 Source advisory: SNYK:JAVA-COMGITHUBLIUYUEYIMEDIA-15127912...
CVE-2026-24806
| creationtimestamp | type | source |
|---|---|---|
| 2026-01-27 09:10:49+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdffzx5ew32h... |
MiracleLinux 8 : libuv-1.41.1-2.el8_10 (AXSA:2024-8516:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8516:01 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...
ROOT-OS-ALPINE-318-CVE-2024-24806 CVE-2024-24806 in rootio-libuv - Patched by Root
Root has patched CVE-2024-24806 in the rootio-libuv package for Root:Alpine:3.18. Multiple fixed versions available...
K000152876: libuv vulnerability CVE-2024-24806
Security Advisory Description libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart src/win/getaddrinfo.c, truncates hostnames to 256 characters before calling getaddrinfo. This behavior can be...
F5 Networks BIG-IP : libuv vulnerability (K000152876)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000152876 advisory. libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in...
TencentOS Server 3: libuv (TSSA-2024:0314)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0314 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: libuv (TSSA-2024:0609)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0609 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0185: libuv (ALINUX3-SA-2024:0185)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0185 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-24806: libuv is a multi-platform support...
RLSA-2024:4756 Moderate: libuv security update
libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
RLSA-2024:4247 Moderate: libuv security update
libuv is a multi-platform support library with a focus on asynchronous I/O. Security Fixes: libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
RockyLinux 9 : libuv (RLSA-2024:4756)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4756 advisory. libuv: Improper Domain Lookup that potentially leads to SSRF attacks CVE-2024-24806 Tenable has extracted the preceding description block directly from the...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-24806 DESCRIPTION: libuv is vulnerable to server-side request forgery, caused...
Linux Distros Unpatched Vulnerability : CVE-2024-24806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c and its windows counterpart...
Linux Distros Unpatched Vulnerability : CVE-2022-24806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an...
CVE-2025-24806
| creationtimestamp | type | source |
|---|---|---|
| 2025-02-19 20:24:50+00:00 | seen | https://t.me/cvedetector/18450 |
| 2025-02-19 22:06:55+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3likrwszimm2a... |
CVE-2025-24806
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...
CVE-2025-24806 Regulation applies separately to Username-based logins to Email-based logins in authelia
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...
CVE-2025-24806
Authelia (open-source authentication server) has a flaw where allowing sign-in via both username and email can cause login events to be counted separately, effectively doubling regulation limits and increasing brute-force risk when two-factor is not enforced or passwords are weak. The issue has a...