5135 matches found
Strapi Versions <=4.5.6 - Authentication Bypass
Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the 'None' type algorithm to bypass authentication and impersonate any user that...
Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery
The Ray Dashboard API is affected by a Server-Side Request Forgery SSRF vulnerability in the url parameter of the /logproxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as valid. id: CVE-2023-48023 info:...
GHSA-9VCR-P3RJ-Q5Q6 vulnerabilities
Vulnerabilities for packages: zarf, kubescape-server-fips, kyverno-notation-aws, kubescape-server, tekton-chains, kubescape, teleport-operator-fips, cloudbeat, docker-fips, tekton-chains-fips, trivy-operator-fips, image-factory-fips, trivy, aactl, gitsign, spire-server-fips, trivy-operator,...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: kaniko, rekor, cluster-api-provider-vsphere, opentelemetry-operator-fips, nri-f5-fips, jaeger-operator-fips, kubescape-http-request-fips, crossplane-provider-aws-cloudwatchevents, envoy-gateway-fips, kubeflow-pipelines, prometheus-alertmanager, emissary,...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-attacher, fuse-overlayfs-snapshotter, prometheus, kiali, dapr, nri-consul, filebrowser, headlamp, sops, rook, kube-vip, newrelic-nri-kube-events, supercronic, kubeflow-pipelines, helm-set-status, rancher-fleet, conjur-cli,...
CVE-2026-31589 vulnerabilities
Vulnerabilities for packages: linux-aws...
CVE-2026-42505 vulnerabilities
Vulnerabilities for packages: kaniko, rekor, cluster-api-provider-vsphere, opentelemetry-operator-fips, nri-f5-fips, jaeger-operator-fips, kubescape-http-request-fips, crossplane-provider-aws-cloudwatchevents, envoy-gateway-fips, kubeflow-pipelines, prometheus-alertmanager, emissary,...
GHSA-VHJQ-V866-4C7F vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-VG6G-9H68-878W vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-VCCQ-H5J4-92QR vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-QCXP-RJ5J-4RR9 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-JR2W-MC6V-CFPJ vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-J4JV-FP59-574F vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-H634-6F45-J5WJ vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-FW97-88CP-67M9 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-FP35-JCPC-9WWG vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-CWX4-F9X9-PQHH vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-9MHF-2P25-MWM3 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
GHSA-4RJ2-PR7F-CMPG vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...
CVE-2026-53226 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu-melange, linux-aws, linux-vmware, linux-azure...