
769 matches found

PyPA
added 2022/09/21 8:15 a.m. · 6 views

PYSEC-2022-279

In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction...

CVSS 7.5 · AI score 6.7 · EPSS 0.01531
Exploits: 0 · References: 3 · Affected Software: 1

CVE
added 2022/09/21 7:25 a.m. · 92 views

CVE-2022-40604

CVE-2022-40604 affects Apache Airflow 2.3.0–2.3.4. A component of a URL was unnecessarily formatted, enabling information disclosure from a formatted URL. Multiple sources (NVD, OSV entries, and third‑party advisories) corroborate a format-string/vulnerability in the URL handling path (notably in...

CVSS 7.5 · AI score 7.4 · EPSS 0.01531
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2022/09/21 12:0 a.m. · 2 views

PT-2022-25414 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 2.3.0 through 2.3.4 Description: The issue concerns a part of a URL that was unnecessarily formatted, allowing for possible information extraction. Recommendations: For Apache Airflow versions 2.3.0 through 2.3.4, upda...

CVSS 8.7 · AI score 6.5 · EPSS 0.01531
Exploits: 0 · References: 15

OSV
added 2022/09/13 6:15 p.m. · 9 views

CVE-2022-32190

JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath("https://go.dev", "../go") returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are removed from the result...

CVSS 7.5 · AI score 7.5
Exploits: 0 · References: 4

CNNVD
added 2022/08/31 12:0 a.m. · 3 views

Multiple GitLab Products Resource Management Error Vulnerability

GitLab is an open source, end-to-end software development platform from GitLab Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery) and other features. A security vulnerability exists in GitLab Community Edition (CE) and GitLab...

CVSS 7.5 · AI score 6.9 · EPSS 0.01062
Exploits: 0 · References: 5

CNNVD
added 2022/08/06 12:0 a.m. · 4 views

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 103.0.5060.134, which stemmed from an improperly implemented vulnerability in URL formatting...

CVSS 6.5 · AI score 6.4 · EPSS 0.0048
Exploits: 1 · References: 5

OSV
added 2022/08/04 5:6 p.m. · 12 views

USN-5546-2 openjdk-8 vulnerabilities

USN-5546-1 fixed vulnerabilities in OpenJDK. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Neil Madden discovered that OpenJDK did not properly verify ECDSA signatures. A remote attacker could possibly use this issue to insert, edit or obtain...

CVSS 7.5 · AI score 7 · EPSS 0.17673
Exploits: 2 · References: 9

OpenVAS
added 2022/07/31 12:0 a.m. · 10 views

Fedora: Security Advisory for golang-github-kr-text (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

AI score 7.5
Exploits: 0 · References: 2

Fedora
added 2022/07/30 1:57 a.m. · 14 views

[SECURITY] Fedora 36 Update: golang-github-kr-text-0.2.0-6.fc36

Miscellaneous functions for formatting text...

AI score 1.8
Exploits: 0

OSV
added 2022/07/28 1:15 a.m. · 1 views

UBUNTU-CVE-2022-2165

Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...

CVSS 4.3 · AI score 5.8 · EPSS 0.00699
Exploits: 0 · References: 2

CVE
added 2022/07/28 12:41 a.m. · 210 views

CVE-2022-2165

CVE-2022-2165 — Summary: The connected sources confirm a vulnerability in Google Chrome (desktop) stemming from insufficient data validation in URL formatting, enabling domain spoofing via IDN homographs with a crafted domain name. The issue affects Chrome up to version 103.0.5060.53 and is addr...

CVSS 4.3 · AI score 5 · EPSS 0.00699
Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2022/07/22 12:0 a.m. · 3 views

PT-2023-4307 · Google +1 · Google Chrome +1

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 103.0.5060.134 Description: The issue is related to an inappropriate implementation in URL formatting, which can be exploited by a remote attacker to perform domain spoofing via a crafted HTML page. This can be...

CVSS 8.8 · AI score 6.1 · EPSS 0.17864
Exploits: 1 · References: 33

Positive Technologies
added 2022/07/20 12:0 a.m. · 3 views

PT-2022-20577 · Slack · Slack Morphism

Name of the Vulnerable Software and Affected Versions: Slack Morphism versions prior to 0.41.0 Description: The issue concerns the potential leakage of Slack OAuth client information into application debug logs due to insecure debug log formatting. This could lead to the accidental exposure of...

CVSS 7.5 · AI score 7.3 · EPSS 0.00739
Exploits: 0 · References: 11

Fedora
added 2022/07/17 1:15 a.m. · 21 views

[SECURITY] Fedora 35 Update: golang-github-kr-text-0.2.0-5.fc35

Miscellaneous functions for formatting text...

CVSS 9.3 · AI score 1.8 · EPSS 0.05994
Exploits: 4

OpenVAS
added 2022/07/06 12:0 a.m. · 13 views

Fedora: Security Advisory for golang-github-kr-text (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3 · AI score 8.9 · EPSS 0.05994
Exploits: 4 · References: 2

Fedora
added 2022/07/04 1:35 a.m. · 19 views

[SECURITY] Fedora 36 Update: golang-github-kr-text-0.2.0-5.fc36

Miscellaneous functions for formatting text...

CVSS 9.3 · AI score 8.2 · EPSS 0.05994
Exploits: 4

CNNVD
added 2022/06/29 12:0 a.m. · 3 views

CVA6 Security Vulnerability

CVA6 is an application class 6 RISC-V CPU open-sourced by the OpenHW Group in Canada. A security vulnerability exists in CVA6 that stems from giving incorrect permission to use special multiplication units when instructions are formatted incorrectly...

CVSS 7.5 · AI score 7.3 · EPSS 0.00646
Exploits: 0 · References: 2

OPENSUSE Linux
added 2022/06/29 12:0 a.m. · 46 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10035-1 Rating: important References: 1200783 Cross-References: CVE-2022-2156 CVE-2022-2157 CVE-2022-2158 CVE-2022-2160 CVE-2022-2161 CVE-2022-2162 CVE-2022-2163 CVE-2022-2164 CVE-2022-2165 Affected Products:...

CVSS 8.8 · AI score 8.3 · EPSS 0.01286
Exploits: 1 · References: 1

OpenVAS
added 2022/06/27 12:0 a.m. · 37 views

Mageia: Security Advisory (MGASA-2022-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

CVSS 8.8 · AI score 7.2 · EPSS 0.01286
Exploits: 1 · References: 5

Microsoft CVE
added 2022/06/23 7:0 a.m. · 70 views

Chromium: CVE-2022-2165 Insufficient data validation in URL formatting

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVSS 4.3 · AI score 6 · EPSS 0.00699
Exploits: 0