26 matches found
Splunk Cloud Platform和Splunk Enterprise 信息泄露漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. An information disclosure vulnerability exists...
EUVD-2022-3472
Malicious code in bioql PyPI...
EUVD-2022-2196
Malicious code in bioql PyPI...
OESA-2025-1416 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0...
DEBIAN-CVE-2024-53868
Apache Traffic Server allows request smuggling if chunked messages are malformed. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.9, from 10.0.0 through 10.0.4. Users are recommended to upgrade to version 9.2.10 or 10.0.5, which fixes the issue...
OESA-2025-1290 trafficserver security update
Apache Traffic Server is an OpenSource HTTP / HTTPS / HTTP/2 / QUIC reverse, forward and transparent proxy and cache. Security Fixes: Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, fr...
DEBIAN-CVE-2024-56195
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...
UBUNTU-CVE-2024-56195
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...
CVE-2024-38311 Apache Traffic Server: Request smuggling via pipelining after a chunked message body
Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...
DEBIAN-CVE-2024-56202
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue...
UBUNTU-CVE-2024-56202
Expected Behavior Violation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to versions 9.2.9 or 10.0.4 or newer, which fixes the issue...
PT-2025-9864 · Apache +1 · Apache Traffic Server +1
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 9.2.0 through 9.2.8 Apache Traffic Server versions 10.0.0 through 10.0.3 Description: The issue is related to Improper Access Control in Apache Traffic Server. Recommendations: For versions 9.2.0 through 9.2.8,...
PT-2025-9863 · Apache +1 · Apache Traffic Server +1
Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 8.0.0 through 8.1.11 Apache Traffic Server versions 9.0.0 through 9.2.8 Apache Traffic Server versions 10.0.0 through 10.0.3 Description: The issue is related to Improper Input Validation. Users are advised to...
CVE-2022-1810
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9...
MAL-2024-10380 Malicious code in @isfe-common/testing-constants (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4203c75b7ee03f443c2944645689ffff3aefae76e13ac2f7be00545b63c27664 The OpenSSF Package Analysis project identified '@isfe-common/testing-constants' @ 9.2.9 npm as malicious. It is considered malicious because: -...
CVE-2022-1811
Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9...
CVE-2022-1811
Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9...
CVE-2022-1810
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9...
CVE-2022-1810
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9...
Authorization
Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9...