33736 matches found
OPENSUSE-SU-2026:20761-1 Security update for google-guest-agent
This update for google-guest-agent fixes the following issue - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260264...
LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects
...
CLSA-2026-1778979189 Fix CVE(s): CVE-2024-6232, CVE-2024-7592, CVE-2024-9287
SECURITY UPDATE: ReDoS in tarfile PAX header parsing - debian/patches/CVE-2024-6232.patch: rewrite Lib/tarfile.py PAX-record parser to scan length-prefixed records via a bounded regex headerlengthprefixre plus direct slicing, eliminating quadratic backtracking in three pre-existing regexes. Adapt...
curl: Connection reuse ignores haproxyprotocol and HAPROXY_CLIENT_IP settings, allowing PROXY context to persist across transfers
Summary: libcurl's connection pool match logic does not include the CURLOPTHAPROXYPROTOCOL setting or the CURLOPTHAPROXYCLIENTIP value in its connection match key. Two transfers issued through the same Curleasy or via a shared connection cache CURLLOCKDATACONNECT therefore share one TCP connectio...
Regular Expression Denial of Service (ReDoS)
Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the clientSDK parameter in the request-header parser. An attacker can exhaust...
CLSA-2026-1778836031 libsoup: Fix of CVE-2026-2708
CVE-2026-2708: reject duplicate Content-Length headers with different values to prevent HTTP request smuggling per RFC 9110 section 7.7...
Implicit Bearer Token Injection
github.com/kyverno/kyverno is vulnerable to Implicit Bearer Token Injection. The vulnerability is due to the apiCall service helper automatically injecting the Kyverno controller's Authorization: Bearer service account token into outbound requests when no authorization header is explicitly...
Server-Side Request Forgery (SSRF)
n8n-mcp is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper validation of webhook trigger tools, the n8n API client N8NAPIURL, and per-request URLs supplied through the x-n8n-url header in multi-tenant HTTP mode, which allows an authenticated attacker to send...
CVE-2026-44514
Kubetail is a real-time logging dashboard for Kubernetes. Prior to 0.14.0, Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin header on connection upgrade. A malicious web page visited by a user with an active Kubetail session could open a WebSocket to th...
CLSA-2026-1778881463 ipa: Fix of 3 CVEs
CVE-2023-5455: fix CSRF vulnerability by adding Referer header check to all session endpoints - CVE-2024-1481: validate Kerberos principal name before kinit and pass it with -- separator to prevent option injection - CVE-2024-11029: scrub administrative passwords from process command line and...
[SECURITY] Fedora 42 Update: nginx-mod-headers-more-0.39-9.fc42
This module allows adding, setting, or clearing specified input/output header s. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...
[SECURITY] Fedora 43 Update: nginx-mod-headers-more-0.39-9.fc43
This module allows adding, setting, or clearing specified input/output header s. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...
[SECURITY] Fedora 44 Update: nginx-mod-headers-more-0.39-9.fc44
This module allows adding, setting, or clearing specified input/output header s. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server...
CVE-2026-45339
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI allows admins to restrict which API endpoints an API key can access. When an API key is restricted from /api/v1/messages, requests using the Authorization: Bearer sk-...
CVE-2026-45339
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI allows admins to restrict which API endpoints an API key can access. When an API key is restricted from /api/v1/messages, requests using the Authorization: Bearer sk-...
CVE-2026-45339
Open WebUI (self-hosted offline AI platform) has a vulnerability where endpoint access restrictions on API keys could be bypassed by using the x-api-key header, even when the key was restricted from sensitive endpoints like /api/v1/messages. Prior to version 0.9.0, requests with Authorization: Be...
CVE-2026-46364
phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captc...
CVE-2026-46364 phpMyFAQ - SQL Injection via User-Agent Header in BuiltinCaptcha
phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captc...
CVE-2026-46364 phpMyFAQ - SQL Injection via User-Agent Header in BuiltinCaptcha
phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captc...
CVE-2026-46364
phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captc...