5 matches found
CVE-2026-50282
Craft CMS contains an authorization issue in AssetsController::actionMoveFolder where calling with force=true to move a folder into a destination with a conflicting name can overwrite and delete the destination folder without destination delete permission. Affected versions are 5.0.0-RC1 and abov...
CVE-2026-50283
Craft CMS versions 5.0.0-RC1–5.9.20 and 4.0.0-RC1–4.17.13 contain an authorization issue in AssetsController::actionReplaceFile that can delete a source asset without source delete permission when both assetId and sourceAssetId are supplied. The runtime loads assetId ($assetToReplace) and sourceA...
CVE-2026-50283
Craft CMS is a content management system CMS. Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.14 bug fix and security update
Red Hat OpenShift Container Platform release 4.17.14 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...
[SECURITY] Fedora 28 Update: kernel-4.17.14-202.fc28
The kernel meta package...