MCP Server Kubernetes 安全漏洞

MCP Server Kubernetes is a Kubernetes management server developed by Suyog Sonwalkar. Versions of MCP Server Kubernetes prior to 3.6.0 contained security vulnerabilities. These vulnerabilities stemmed from access control being executed at the tool discovery layer but not at the execution layer,...

GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations

...

DEBIAN-CVE-2024-50383

Botan before 3.6.0, when certain GCC versions are used, has a compiler-induced secret-dependent operation in lib/utils/donna128.h in donna128 used in Chacha-Poly1305 and x25519. An addition can be skipped if a carry is not set. This was observed for GCC 11.3.0 with -O2 on MIPS, and GCC on x86-i38...

PT-2024-9332 · Luigi · Luigi

Name of the Vulnerable Software and Affected Versions: luigi versions prior to 3.6.0 Description: The issue is related to improper destination file path validation in the extract packages archive function, which can lead to arbitrary file write via archive extraction, also known as Zip Slip. This...

AZL-6614 CVE-2021-36976 affecting package libarchive for versions less than 3.6.0-1

libarchive 3.4.1 through 3.5.1 has a use-after-free in copystring called from douncompressblock and processblock...

CVE-2020-28478

This affects the package gsap before 3.6.0...

CVE-2020-28478 Prototype Pollution

This affects the package gsap before 3.6.0...

Greensock Gsap Security Vulnerability

Greensock Gsap is a Javascript-based toolkit from the Greensock team for quickly creating animated effects in the browser. A security vulnerability exists in gsap before 3.6.0, no information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announceme...