4 matches found
CVE-2026-55827 FreeRDP: Heap out-of-bounds write in RemoteFX (RFX) Cache Bitmap V3 decode
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.27.1, FreeRDP clients launched with the non-default /cache:codec:rfx option pass desktop stride and height to RemoteFX decoding for Cache Bitmap V3 data while allocating bitmap-data only for the smaller DstWidth and...
fast-jwt: Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)
NOTE: While the library exposes a mechanism which could introduce the vulnerability, this issue is created by developer-supplied code and not by the library itself. We will add a warning and some education for users around the possible issues however since the defaults work we will not be updatin...
Linux Distros Unpatched Vulnerability : CVE-2020-17509
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic...
PT-2024-1509
Name of the Vulnerable Software and Affected Versions Moby versions prior to 23.0 Moby versions 23.0 and later with DOCKER BUILDKIT=0 environment variable Moby versions 23.0 and later using the /build API endpoint Description The classic builder cache system in Moby is prone to cache poisoning if...