13 matches found
@piksail/strapi-plugin-publish-coolify (=0.0.1), stronges (=0.1.1) +1 more potentially affected by CVE-2026-22706 via @strapi/plugin-users-permissions (>=5.11.0 <=5.30.0)
@strapi/plugin-users-permissions NPM version =5.11.0, =5.30.0 is affected by a known vulnerability. The following packages have a transitive dependency on @strapi/plugin-users-permissions and may be impacted: - @piksail/strapi-plugin-publish-coolify =0.0.1 - stronges =0.1.1 - test-lead =0.1.0...
CVE-2025-26619
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In vega 5.30.0 and lower and in vega-functions 5.15.0 and lower, it was possible to call JavaScript functions from the Vega expression language that were not meant to be...
GHSA-RCW3-WMX7-CPHR Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode expressionInterpeter
Impact: In vega 5.30.0 and lower, vega-functions 5.15.0 and lower, it was possible to call JavaScript functions from the Vega expression language that were not meant to be supported. Patches: Patched in vega 5.31.0 / vega-functions 5.16.0. Workarounds: Is there a way for users to fix or remediate th...
@candela/stats (>=0.20.0 <=0.21.0), @candela/vega (>=0.20.0 <=0.23.0) +131 more potentially affected by CVE-2025-26619 via vega (>=1.5.4 <=5.30.0)
vega NPM version =1.5.4, =0.20.0, =0.20.0, =0.3.0, =0.6.0, =1.0.5, =1.2.0, =0.0.2, =0.8.0, =3.1.3 - @jupyterlab/vega3-extension =0.14.3 and more Source cves: CVE-2025-26619 Source advisory: OSV:GHSA-RCW3-WMX7-CPHR...
CVE-2025-26619
Vega (Node) and Vega‑functions prior to versions 5.31.0/5.16.0 allow calling JavaScript functions from the Vega expression language that were not meant to be supported. This is the CVE-2025-26619 issue; the root cause is exposure of arbitrary JS execution through the expression interpreter. The v...
Vega Cross-Site Scripting Vulnerability
Vega is a JavaScript-based software from the Vega team that can be used to create interactive visual displays. The software can describe data visualizations using JSON format and generate interactive views using HTML5 Canvas or SVG. A security vulnerability exists in Vega 5.30.0 and prior versions...
Advisory ROSA-SA-2024-2524
Software: monit 5.30.0 OS: rosa-server79 packageevrstring: monit-5.30.0-2.res7 CVE-ID: CVE-2022-26563 BDU-ID: 2023-05304 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PAMcheckPasswd function of the Monit process, program, file and directory management and monitoring utility is related to flaws...
perl: Write past buffer end via illegal user-defined Unicode property
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2024-1126)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-47100
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-47038. Reason: This record is a duplicate of CVE-2023-47038. Notes: All CVE users should reference CVE-2023-47038 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage...
PT-2023-7351 · Perl +2
Name of the Vulnerable Software and Affected Versions: Perl versions 5.30.0 through 5.38.1 Description: The issue is related to the S_parse_uniprop_string function in regcomp.c, which can write to unallocated space due to mishandling of a property name associated with a regular expression...
PT-2023-7202
Name of the Vulnerable Software and Affected Versions: perl versions 5.30.0 through 5.38.0 Description: The issue is related to a buffer overflow in dynamic memory due to improper handling of crafted regular expressions. This can allow a remote attacker to control the buffer overflow, potentially...
Perl Buffer Error Vulnerability
Perl is a general-purpose, interpreted, dynamic cross-platform programming language from the PERL community. A buffer error vulnerability exists in Perl versions 5.30.0 through 5.38.0 that originates when Perl compiles a carefully crafted regular expression, allowing an attacker to control a byte...