115 matches found
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, rootlesskit, gomplate, opentelemetry-collector, loki, pulumi, grype, chisel, pulumi-language-yaml, docker-cli-buildx, flux-kustomize-controller, policy-controller, eksctl, glab, kargo, tekton-chains, gitea, minio, kaf, ko, atlantis, kyvern...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.18.24 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7107: Backport to 4.18.z CLONE - ODF Console is breaking DFBUGS-7064: RHODF 4.18.24 release DFBUGS-7046:...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update
Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.16.30 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7345: RHODF 4.16.30 release DFBUGS-7105: Backport to 4.16.z CLONE - ODF Console is breaking DFBUGS-6743:...
azure-storage-azcopy-10.32.4-1.1 on GA media (moderate)
azure-storage-azcopy-10.32.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10873-1 Rating: moderate Cross-References: CVE-2026-39821 CVSS scores: CVE-2026-39821 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-39821 SUSE : 9.1...
OPENSUSE-SU-2026:10873-1 azure-storage-azcopy-10.32.4-1.1 on GA media
These are all security issues fixed in the azure-storage-azcopy-10.32.4-1.1 package on the GA media of openSUSE Tumbleweed...
azure-storage-azcopy-10.32.2-3.1 on GA media (moderate)
azure-storage-azcopy-10.32.2-3.1 on GA media Announcement ID: openSUSE-SU-2026:10849-1 Rating: moderate Cross-References: CVE-2026-33814 CVSS scores: CVE-2026-33814 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerabili...
OPENSUSE-SU-2026:10849-1 azure-storage-azcopy-10.32.2-3.1 on GA media
These are all security issues fixed in the azure-storage-azcopy-10.32.2-3.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10630-1 azure-storage-azcopy-10.32.2-2.1 on GA media
These are all security issues fixed in the azure-storage-azcopy-10.32.2-2.1 package on the GA media of openSUSE Tumbleweed...
SUSE SLES15 Security Update : azure-storage-azcopy (SUSE-SU-2026:1395-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1395-1 advisory. - CVE-2026-33186: Authorization bypass in grpc-go due to improper validation of the HTTP/2 :path pseudo- header bsc1260307. Tenable has...
Security update for azure-storage-azcopy
This update for azure-storage-azcopy fixes the following issues: CVE-2026-33186: Authorization bypass in grpc-go due to improper validation of the HTTP/2 :path pseudo-header bsc1260307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2026:1395-1 Security update for azure-storage-azcopy
This update for azure-storage-azcopy fixes the following issues: - CVE-2026-33186: Authorization bypass in grpc-go due to improper validation of the HTTP/2 :path pseudo-header bsc1260307...
Exploit for CVE-2025-10681
CERT/CC VU653116 | CISA Advisory ICSA-26-055-03https:/...
CVE-2026-34750
Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...
EUVD-2026-18019
Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints...
CVE-2026-34750
Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...
CVE-2026-34750
Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...
CVE-2026-34750 Payload has Insufficient Filename Validation in Client-Upload Signed-URL Endpoints
Payload is a free and open source headless content management system. Prior to version 3.78.0 in @payloadcms/storage-azure, @payloadcms/storage-gcs, @payloadcms/storage-r2, and @payloadcms/storage-s3, the client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize...
PT-2026-29598
Name of the Vulnerable Software and Affected Versions Payload versions prior to 3.78.0 Description The client-upload signed-URL endpoints for S3, GCS, Azure, and R2 did not properly sanitize filenames. An attacker could craft filenames to escape the intended storage location. Recommendations...
[SECURITY] Fedora 44 Update: rust-reqsign-azure-storage-3.0.0-1.fc44
Azure Storage signing implementation for reqsign...
azure-storage-azcopy-10.32.2-1.1 on GA media (moderate)
azure-storage-azcopy-10.32.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10407-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6...