2 matches found
CVE-2025-58367 DeepDiff is vulnerable to DoS and Remote Code Execution via Delta class pollution
DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class pollution via the Delta class constructor, and when combined with a gadget available in DeltaDiff, it can lead to Denial of Service and Remote Code Execution via...
CVE-2024-36419 SuiteCRM-Core Host Header Injection in /legacy
SuiteCRM is an open-source Customer Relationship Management CRM software application. A vulnerability in versions prior to 8.6.1 allows for Host Header Injection when directly accessing the /legacy route. Version 8.6.1 contains a patch for the issue...