266 matches found
[SECURITY] Fedora 38 Update: python-fastapi-0.95.2-1.fc38
FastAPI is a modern, fast (high-performance) web framework for building APIs with Python 3.7+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go thanks to Starlette and Pydantic. One of the fastest Python...
Ubuntu: Security Advisory (USN-6103-1)
The remote host is missing an update for the...
USN-6103-1: JSON Schema vulnerability
It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to exploit JavaScript runtimes and cause a denial of service or execute arbitrary code...
USN-6103-1 node-json-schema vulnerability
It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to exploit JavaScript runtimes and cause a denial of service or execute arbitrary code...
Ubuntu 18.04 LTS / 20.04 LTS : JSON Schema vulnerability (USN-6103-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6103-1 advisory. It was discovered that JSON Schema incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted...
CBL Mariner 2.0 Security Update: helm (CVE-2022-23526)
The version of helm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-23526 advisory. - Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject ...
@wmfs/addressbase-plus-blueprint (>=1.1.0 <=1.182.0), @wmfs/addressbase-premium-blueprint (>=1.0.0 <=1.185.0) +50 more potentially affected by CVE-2023-26132 via dottie (>=2.0.0 <=2.0.3)
dottie NPM version =2.0.0, =1.1.0, =1.0.0, =1.0.0, =1.11.0, =1.10.0, =1.0.0, =1.0.0, =1.0.0, =1.27.0, =1.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.8.0 and more Source cves: CVE-2023-26132 Source advisory: SNYK:JS-DOTTIE-3332763...
SUSE CVE-2021-3918
json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')...
SUSE CVE-2022-23526
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the chartutil package that can cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema validation file. For example,...
Security Bulletin: IBM Process Mining is vulnerable to Prototype Pollution due to json-schema CVE-2021-3918
Summary: json-schema is used by IBM Process Mining. CVE-2021-3918. The fix includes json-schema 0.4.0. Vulnerability Details: CVEID: CVE-2021-3918 DESCRIPTION: Json-schema could allow a remote attacker to execute arbitrary code on the system, caused by an improperly controlled modification of object...
CVE-2023-23619 Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina
Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. Versions prior to 1.0.0 are vulnerable to Code injection. This issue affects anyone who is using the default presets and/or does not handle the functionality themself. This issue...
Modelina code injection vulnerability
Modelina is the asyncapi personal developer's library for generating data models based on input such as AsyncAPI, OpenAPI or JSON schema documents. A code injection vulnerability exists in versions of Modelina prior to 1.0.0 that stems from vulnerability to code injection attacks...
Prestaul skeemas security vulnerability
Prestaul skeemas is a comprehensive validation of JSON schemas drafts 3 and 4. A security vulnerability exists in Prestaul skeemas, which stems from the fact that incorrect manipulation of the parameter uri can lead to inefficient regular expression complexity...
GO-2022-1166 Denial of service via schema file in helm.sh/helm/v3
Certain JSON schema validation files can cause a Helm Client to panic, leading to a possible denial of service. The chartutil package contains a parser that loads a JSON Schema validation file. For example, the Helm client when rendering a chart will validate its values with the schema file. The...
CVE-2022-23526
A flaw was found in Helm, a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the chartutil package that could cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema...
CVE-2022-23526
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the chartutil package that can cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema validation file. For example,...
AZL-11656 CVE-2022-23526 affecting package helm for versions less than 3.9.4-4
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the chartutil package that can cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema validation file. For example,...
Null pointer dereference
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the chartutil package that can cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema validation file. For example,...
CVE-2022-23526
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the chartutil package that can cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema validation file. For example,...
CVE-2022-23526 Helm contains Denial of service through schema file
Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in the chartutil package that can cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema validation file. For example,...