10 matches found
OPENSUSE-SU-2026:11157-1 perl-CSS-Minifier-XS-0.140.0-1.1 on GA media
These are all security issues fixed in the perl-CSS-Minifier-XS-0.140.0-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-13593
CVE-2026-13593 affects CSS::Minifier::XS before 0.14 for Perl. The vulnerability is a memory leak in the minify function when processing a document containing only characters to be removed (e.g., comments/whitespace). Impact is a leak during minification of such input; no exploitation details or ...
CVE-2026-13593
CSS::Minifier::XS versions before 0.14 for Perl have a memory leak when the entire document is minified away. The minify function has a memory leak when processing a document containing only characters to be removed, such as comments and whitespace...
CVE-2022-31132
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/cssoptimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery SSRF. It is recommendet t...
Server side request forgery (ssrf)
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/cssoptimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery SSRF. It is recommendet t...
CVE-2022-31132 Unauthenticated SSRF in 3rd party module "cerdic/csstidy"
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/cssoptimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery SSRF. It is recommendet t...
CVE-2022-31132
The CVE-2022-31132 issue affects Nextcloud Mail where versions shipped with the CSS minifier at ./vendor/cerdic/css-tidy/css_optimiser.php expose an unrestricted interface, enabling unauthenticated SSRF. Affected software is Nextcloud Mail; impact is described as Server-Side Request Forgery with ...
CVE-2022-31132 Unauthenticated SSRF in 3rd party module "cerdic/csstidy"
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/cssoptimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery SSRF. It is recommendet t...
CVE-2022-31132 Unauthenticated SSRF in 3rd party module "cerdic/csstidy"
Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path ./vendor/cerdic/css-tidy/cssoptimiser.php. Access to the minifier is unrestricted and access may lead to Server-Side Request Forgery SSRF. It is recommendet t...
PT-2022-20552 · Nextcloud · Nextcloud Mail
Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 1.12.7 Nextcloud Mail versions prior to 1.13.6 Description: Nextcloud Mail is an email application for the nextcloud personal cloud product. Affected versions shipped with a CSS minifier on the path...