22 matches found
Jira Server Pre-Auth - Arbitrary File Retrieval (WEB-INF, META-INF)
The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check. id: CVE-2020-29453 info: name: Jira Server Pre-Auth - Arbitrary File...
EUVD-2022-29453
Malicious code in bioql PyPI...
CVE-2021-29453
matrix-media-repo is an open-source multi-domain media repository for Matrix. Versions 1.2.6 and earlier of matrix-media-repo do not properly handle malicious images which are crafted to be small in file size, but large in complexity. A malicious user could upload a relatively small image in term...
CVE-2025-29453
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the my-contacts-settings component...
CVE-2025-29453
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the my-contacts-settings component...
CVE-2025-29453
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker to obtain sensitive information via the my-contacts-settings component...
Linux Distros Unpatched Vulnerability : CVE-2023-29453
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template...
CVE-2023-29453
Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...
CVE-2023-29453
Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...
CVE-2023-29453 Agent 2 package are built with Go version affected by CVE-2023-24538
Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...
CVE-2023-29453
Technical details for CVE-2023-29453 are not publicly available in the provided documents; please monitor for updates from vendors or security advisories.
CVE-2023-29453
Templates do not properly consider backticks as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to...
CVE-2022-29453
creationtimestamp | type | source
---|---|---
2022-06-15 20:20:42+00:00 | seen | https://t.me/cibsecurity/44553...
CVE-2022-29453
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update...
CVE-2022-29453 WordPress API KEY for Google Maps plugin <= 1.2.1 - CSRF vulnerability leading to Google Maps API key update
Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update...
Atlassian Jira < 8.5.11 Multiple Vulnerabilities
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.11, 8.6.x < 8.13.3 or 8.14.x < 8.15.0. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability in the...
CVE-2021-29453
CVE-2021-29453 – matrix-media-repo : Vulnerable in versions 1.2.6 and earlier. A crafted, small-file-size image that expands to extremely large dimensions during thumbnailing can exhaust memory, causing DoS. This is triggered during the thumbnailing process when loading the image into memory. A f...
CVE-2020-29453
creationtimestamp | type | source
---|---|---
2021-02-23 00:33:55+00:00 | seen | https://t.me/cibsecurity/23953
2021-08-24 16:41:19+00:00 | seen | https://t.me/cKure/6756...
CVE-2020-29453
The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access che...
CVE-2020-29453
CVE-2020-29453 affects Jira Server/Data Center: CachingResourceDownloadRewriteRule allows unauthenticated remote readers to access arbitrary files in WEB-INF and META-INF due to an incorrect path check. Products/versions implicated (per initial sources): before 8.5.11, 8.6.x before 8.13.3, and 8....