Lucene search
K

6 matches found

OSV
OSV
added 2026/03/16 6:16 p.m.6 views

ALPINE-CVE-2026-3644

The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...

7.5CVSS5.4AI score0.00419EPSS
Exploits0References1
OSV
OSV
added 2026/02/05 6:2 p.m.4 views

GHSA-X9P2-77V6-6VHF FrankenPHP has delayed propagation of security fixes in upstream base images

Delayed propagation of security fixes in upstream base images Summary Vulnerability in base Docker images PHP, Go, and Alpine not automatically propagating to FrankenPHP images. FrankenPHP's container images were previously built only when specific version tags were updated or when manual trigger...

9.8CVSS8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-24823

Malware in sbrugna...

5.9CVSS5.7AI score0.01565EPSS
Exploits1References6
OSV
OSV
added 2021/05/09 6:5 p.m.5 views

OPENSUSE-SU-2021:0695-1 Security update for alpine

This update for alpine fixes the following issues: Update to release 2.24 A few crash fixes Implementation of XOAUTH2 for Yahoo! Mail. Update to release 2.23.2 Expansion of the configuration screen for XOAUTH2 to include username, and tenant. Alpine uses the domain in the From: header of a messag...

7.5CVSS7.6AI score0.01823EPSS
Exploits0References3
OSV
OSV
added 2021/05/06 12:6 p.m.5 views

OPENSUSE-SU-2021:0675-1 Security update for alpine

This update for alpine fixes the following issues: Update to release 2.24 A few crash fixes Implementation of XOAUTH2 for Yahoo! Mail. Update to release 2.23.2 Expansion of the configuration screen for XOAUTH2 to include username, and tenant. Alpine uses the domain in the From: header of a messag...

7.5CVSS7.6AI score0.01823EPSS
Exploits0References3
OSV
OSV
added 2020/06/19 7:15 p.m.4 views

CVE-2020-14929

Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do...

7.5CVSS7.4AI score
Exploits0References4
Rows per page
Query Builder