22 matches found
Ollama Model Registry Path Traversal RCE
Ollama before 0.1.34 is vulnerable to a path traversal attack via the model pull mechanism CVE-2024-37032. When pulling a model, the digest field in OCI manifests is not validated, allowing an attacker to inject path traversal sequences to write arbitrary files on the server. This module starts a...
Uncaught Exception
Overview robrichards/xmlseclibs is a PHP library for XML Security. Affected versions of this package are vulnerable to Uncaught Exception in the form of improper handling of canonicalization failures. An attacker can bypass signature or digest validation by submitting specially crafted invalid XM...
CVE-2025-66578
CVE-2025-66578 affects robrichards/xmlseclibs (PHP) up to version 3.1.3. The root cause is a flaw in libxml2 canonicalization during document transformation: when canonicalizing invalid XML input, libxml2 may return an empty string instead of a canonicalized node. xmlseclibs then computes the Dig...
CVE-2025-66578 robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation
xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...
CVE-2025-66578 robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation
xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...
EUVD-2025-201790
xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...
CVE-2025-66578 robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation
xmlseclibs is a library written in PHP for working with XML Encryption and Signatures. Versions 3.1.3 contain an authentication bypass vulnerability due to a flaw in the libxml2 canonicalization process during document transformation. When libxml2’s canonicalization is invoked on an invalid XML...
CVE-2025-66568 ruby-saml Libxml2 Canonicalization errors can bypass Digest/Signature validation
The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...
CVE-2025-66568 ruby-saml Libxml2 Canonicalization errors can bypass Digest/Signature validation
The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...
CLSA-2025-1762421840 skopeo: Fix of 2 CVEs
CVE-2024-3727: fix path traversal vulnerability with full digest validation in all containers/image transports - CVE-2025-27144: fix excessive memory consumption vulnerability in github.com/go-jose/go-jose/v3 library...
CVE-2024-37032
Ollama before 0.1.34 does not validate the format of the digest sha256 with 64 hex digits when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring...
CVE-2024-37032
Ollama before 0.1.34 does not validate the format of the digest sha256 with 64 hex digits when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring...
CVE-2024-37032
CVE-2024-37032 affects Ollama before 0.1.34. The vulnerability stems from improper validation of the digest format (sha256, 64 hex digits) when resolving the model path, causing incorrect handling of inputs in TestGetBlobsPath (fewer or more than 64 hex digits, or a leading ../). This can enable ...
SUSE CVE-2014-8179
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation...
Pengutronix barebox 信息泄露漏洞
Pengutronix barebox is a bootloader used in embedded Linux systems. A security vulnerability exists in barebox, which leaks time information in crypto digest.c in penguin tronix barebox through 2021.07.0 due to the use of memcmp during digest validation...
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation.
...
Panorama NHIServiSignAdapter Input Validation Error Vulnerability
Panorama NHIServiSignAdapter is a security control component for panoramic surveillance devices from China Panorama. A security vulnerability exists in NHIServiSignAdapter, which stems from a failure of the digest generation function to validate the path to the source file, resulting in SMB...
DEBIAN-CVE-2014-8179
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation...
CVE-2014-8179
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation...
UBUNTU-CVE-2014-8179
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation...