5 matches found
PT-2026-31732
Name of the Vulnerable Software and Affected Versions Helm versions 3.20.1 and earlier, and versions 4.1.3 and earlier Description Helm, a package manager for Kubernetes Charts, is affected by an issue where a specially crafted Chart can cause the helm pull --untar command to write chart contents...
DEBIAN-CVE-2026-25896
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. From 4.1.3to before 5.3.5, a dot . in a DOCTYPE entity name is treated as a regex wildcard during entity replacement, allowing an attacker to shadow...
PT-2025-32953 · Dimension · Dimension
Name of the Vulnerable Software and Affected Versions: Dimension versions 4.1.3 and earlier Description: Dimension versions 4.1.3 and earlier are affected by an out-of-bounds read issue that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction,...
PT-2024-40898 · Unknown · Django Cms
Name of the Vulnerable Software and Affected Versions: django-cms versions 3.11.7 through 3.11.8 django-cms versions 4.1.2 through 4.1.3 Description: The issue affects django-cms, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. Recommendations...
WESEEK GROWI Information Disclosure Vulnerability
Weseek WESEEK GROWI is a suite of team collaboration software from WESEEK Weseek Japan. An information disclosure vulnerability exists in GROWI versions 4.0.0 through 4.1.3, which stems from the application exporting too much data. The vulnerability allows a remote attacker to access potentially...