18 matches found
GHSA-4JRW-64VR-7G8M Apache Camel camel-neo4j component is vulnerable to cypher injection
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
Apache Camel camel-neo4j component is vulnerable to cypher injection
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
EUVD-2023-2034
Malicious code in bioql PyPI...
EUVD-2023-2021
Malicious code in bioql PyPI...
CVE-2023-34093
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
CVE-2023-34235
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34235
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
Design/Logic Flaw
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34235 Leaking sensitive user information still possible by filtering on private with prefix fields
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34235 Leaking sensitive user information still possible by filtering on private with prefix fields
Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the tnumber prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to...
CVE-2023-34093
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
CVE-2023-34093 Strapi allows actors to make all attributes on a content-type public without noticing it
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
CVE-2023-34093 Strapi allows actors to make all attributes on a content-type public without noticing it
Strapi is an open-source headless content management system. Prior to version 4.10.8, anyone Strapi developers, users, plugins can make every attribute of a Content-Type public without knowing it. The vulnerability only affects the handling of content types by Strapi, not the actual content types...
PT-2023-24666 · Strapi · Strapi
Name of the Vulnerable Software and Affected Versions: Strapi versions prior to 4.10.8 Description: The issue affects the handling of content types by Strapi, allowing anyone to make every attribute of a Content-Type public without knowing it. This can lead to sensitive information being exposed ...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.10.8 bug fix and security update
Red Hat OpenShift Container Platform release 4.10.8 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...
Fedora 30 : 2:samba (2019-e3e521e5b3)
Update to Samba 4.10.8 - Security fixes for CVE-2019-10197 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
nss and nspr security update
nspr 4.10.8-2 - Resolves: Bug 1269359 - CVE-2015-7183 - nspr: heap-buffer overflow in PLARENAALLOCATE can lead to crash under ASAN, potential memory corruption rhel-5.11.z nss 3.19.1-2 - Resolves: Bug 1269354 - CVE-2015-7182 CVE-2015-7181...
SUSE SLED11 / SLES11 Security Update : mozilla-nspr (SUSE-SU-2015:1444-1)
mozilla-nspr was update to version 4.10.8 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...