CVE-2026-42810

Apache Polaris accepts literal characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and s3:prefix conditions. In S3 IAM policy matching, is treated as ...

CVE-2026-42810

CVE-2026-42810 affects Apache Polaris. The issue arises because Polaris accepts literal ‘’ characters in namespace and table names, and these unescaped characters are reused in temporary S3 access policies for delegated table access. In S3 IAM policy matching, ‘ ’ is treated as a wildcard, allowi...

MiracleLinux 4 : elinks-0.12-0.21.pre5.AXS4 (AXSA:2013-110:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-110:01 advisory. Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over...

MiracleLinux 3 : elinks-0.11.1-8.AXS3 (AXSA:2013-101:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-101:01 advisory. Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over...

SUSE CVE-2005-2798

sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts...

Explained: How New 'Delegated Credentials' Boosts TLS Protocol Security

Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates withou...

Explained: How New 'Delegated Credentials' Boosts TLS Protocol Security

Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates withou...

Oracle Linux 5 : Critical: / krb5 (ELSA-2008-0164)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0164 advisory. 1.6.1-17.el51.1 - add preliminary patch to fix use of uninitialized pointer / double-free in KDC CVE-2008-0062,CVE-2008-0063 432620, 432621 - add...

Critical: Red Hat Security Advisory: krb5 security and bugfix update

Updated krb5 packages that resolve several issues and fix multiple bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and serve...

security flaw

sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts...