3 matches found
CVE-2026-53535
Activepieces prior to 0.82.0 is affected by an arbitrary file write in the git-sync workflow. The issue occurs because git-sync clones a configured repository into a temporary server directory with Git’s symbolic-link handling enabled, allowing symlinks to redirect writes. Additionally, on-disk i...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: nerdctl, gobuster, pdfcpu, gatus, nfpm, sbom-convert, weaviate, grpc-health-probe, envoy-ratelimit, modelmesh-runtime-adapter, sftpgo-plugin-eventstore, go, secrets-store-csi-driver-provider-aws, pguser, oras, boring-registry, polaris, step-issuer, helm-mapkubeapis,...
CVE-2025-30204 vulnerabilities
Vulnerabilities for packages: step-fips, neuvector-fips, minio-operator-fips, velero-fips, actions-runner-controller-fips, skaffold-fips, rekor, argocd-image-updater-fips, coredns-fips, filebrowser, grafana-mimir-fips, guac, kargo, secrets-store-csi-driver-provider-azure, mongo-tools, openfga,...