43 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.22.3 security and extras update
Red Hat OpenShift Container Platform release 4.22.3 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.22. Red Hat Product Security has rated this update as having a security impact of...
Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to Node.js modules fast-uri and protobufjs (CVE-2026-6322, CVE-2026-45740 & CVE-2026-6321)
Summary IBM App Connect Enterprise runtime and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to Node.js modules fast-uri and protobufjs. Vulnerability Details CVEID:CVE-2026-6322 DESCRIPTION: fast-uri normalize decoded percent-encoded authority...
ROOT-APP-NPM-CVE-2026-6322 CVE-2026-6322 in @rootio/fast-uri - Patched by Root
Root has patched CVE-2026-6322 in the @rootio/fast-uri package for Root:npm. Multiple fixed versions available...
CLEANSTART-2026-BE61221 Security fixes for CVE-2025-62718, CVE-2025-69873, CVE-2026-29045, CVE-2026-29085, CVE-2026-29086, CVE-2026-29087, CVE-2026-2950, CVE-2026-30827, CVE-2026-33750, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-33916, CVE-2026-33937, CVE-2026-34043, CVE-2026-35213, CVE-2026-39406, CVE-2026-39407, CVE-2026-39408, CVE-2026-39409, CVE-2026-39410, CVE-2026-40175, CVE-2026-41238, CVE-2026-41239, CVE-2026-41240, CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044, CVE-2026-42264, CVE-2026-42338, CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458, CVE-2026-44459, CVE-2026-4800, CVE-2026-4923, CVE-2026-4926, CVE-2026-6321, CVE-2026-6322, ghsa-2328-f5f3-gj25, ghsa-26pp-8wgv-hjvm, ghsa-27v5-c462-wpq7, ghsa-2g4f-4pwh-qvx6, ghsa-2qvq-rjwj-gvw9, ghsa-2w6w-674q-4c4q, ghsa-39q2-94rc-95cp, ghsa-3mfm-83xf-c92r, ghsa-3p68-rc4w-qgx5, ghsa-3v7f-55p6-f55p, ghsa-3w6x-2g7m-8v23, ghsa-442j-39wm-28r2, ghsa-445q-vr5w-6q77, ghsa-458j-xx4x-4375, ghsa-46wh-pxpv-q5gq, ghsa-5c6j-r48x-rmvq, ghsa-5c9x-8gcm-mpgx, ghsa-5m6q-g25r-mvwx, ghsa-5pq2-9x2x-5p6w, ghsa-62hf-57xw-28j9, ghsa-69xw-7hcm-h432, ghsa-6chq-wfr3-2hj9, ghsa-7rx3-28cr-v5wh, ghsa-92pp-h63x-v22m, ghsa-9cx6-37pm-9jff, ghsa-9vqf-7f2p-gf9v, ghsa-c2c7-rcm5-vvqj, ghsa-crv5-9vww-q3g8, ghsa-f23m-r3pf-42rh, ghsa-f886-m6hf-6m8v, ghsa-fvcv-3m26-pcqx, ghsa-h7mw-gpvr-xq4m, ghsa-j3q9-mxjg-w52f, ghsa-jg4p-7fhp-p32p, ghsa-m7pr-hjqh-92cm, ghsa-p6xx-57qc-3wxr, ghsa-p77w-8qqv-26rm, ghsa-pf86-5x62-jrwf, ghsa-pmwg-cvhr-8vh7, ghsa-ppp5-5v6c-4jwp, ghsa-q3j6-qgpj-74h6, ghsa-q5qw-h33p-qvwr, ghsa-q67f-28xg-22rw, ghsa-q8qp-cvcw-x6jj, ghsa-qj8w-gfj5-8c6v, ghsa-qp7p-654g-cw7p, ghsa-r4q5-vmmm-2653, ghsa-r5fr-rjxr-66jc, ghsa-r5rp-j6wh-rvv4, ghsa-v2v4-37r5-5v8g, ghsa-v39h-62p7-jpjc, ghsa-v8w9-8mx6-g223, ghsa-v9jr-rg53-9pgp, ghsa-vf2m-468p-8v99, ghsa-w9j2-pvgh-6h63, ghsa-wc8c-qw6v-h7f6, ghsa-wmmm-f939-6g9c, ghsa-xf4j-xp2r-rqqx, ghsa-xhjh-pmcv-23jw, ghsa-xhpv-hc6g-r9c6, ghsa-xjpj-3mr7-gcpf, ghsa-xpcf-pg52-r92g, ghsa-xx6v-rp6x-q39c applied in versions: 2.19.5-r0
Multiple security vulnerabilities affect the opensearch-dashboards-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-6322 vulnerabilities
Vulnerabilities for packages: tileserver-gl, opensearch-dashboards, prism, serve, langfuse, vitess, saf...
CVE-2026-6322 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, saf, tileserver-gl, argo-workflows, opensearch-dashboards-fips, keep, langfuse, wazuh-dashboard-fips, keep-fips, kibana, vitess, opensearch-dashboards, tileserver-gl-fips, serve, wazuh-dashboard, prism, gitlab-rails-ce-fips, arangodb, langfuse-fips...
@activepieces/piece-ai (>=0.3.1 <=0.3.4), @evertondgn/polyhive-cli (=0.1.62) +5 more potentially affected by CVE-2026-6322 via fast-uri (>=3.0.1 <=3.1.0)
fast-uri NPM version =3.0.1, =0.3.1, =5.4.3, =1.0.0, =1.0.0, =2.2.0, =2.3.1 Source cves: CVE-2026-6322 Source advisory: SNYK:JS-FASTURI-16642394...
DEBIAN-CVE-2026-6322
fast-uri normalize decoded percent-encoded authority delimiters inside the host component and then re-emitted them as raw delimiters during serialization. A host that combined an allowed domain, an encoded at-sign, and a different domain was re-emitted with the at-sign as a raw userinfo separator...
CVE-2026-6322
creationtimestamp| type| source ---|---|--- 2026-05-05 10:33:49+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3ml3yek4kos2b 2026-05-05 13:32:07+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3ml4cdh4uwn2w 2026-05-05 19:05:10+00:00| seen|...
CVE-2026-6322 fast-uri vulnerable to host confusion via percent-encoded authority delimiters
fast-uri normalize decoded percent-encoded authority delimiters inside the host component and then re-emitted them as raw delimiters during serialization. A host that combined an allowed domain, an encoded at-sign, and a different domain was re-emitted with the at-sign as a raw userinfo separator...
Linux Distros Unpatched Vulnerability : CVE-2024-6322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associate...
CVE-2025-6322
creationtimestamp| type| source ---|---|--- 2025-06-20 09:41:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18922 2025-06-20 10:01:43+00:00| published-proof-of-concept| Telegram/p4cwm2yjSN4ovrDbIKK0UGlBzlMUWXB5O0q8DxAqqucQZuA 2025-06-20 10:36:31+00:00| seen|...
CVE-2025-6322 PHPGurukul Pre-School Enrollment System visit.php sql injection
A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visit.php. The manipulation of the argument gname leads to sql injection. The attack may be launched remotely. The exploit has bee...
CVE-2020-6322
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...
Linux Distros Unpatched Vulnerability : CVE-2016-6322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat QuickStart Cloud Installer QCI uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deploy...
CVE-2024-6322
creationtimestamp| type| source ---|---|--- 2024-08-20 21:19:13+00:00| seen| https://t.me/cvedetector/3674...
CVE-2024-6322 vulnerabilities
Vulnerabilities for packages: grafana...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322 vulnerabilities
Vulnerabilities for packages: grafana-fips, grafana...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...