10 matches found
CVE-2025-12506
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from t...
CVE-2025-12506 Use of Incorrectly-Resolved Name or Reference in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from t...
CVE-2025-12506
CVE-2025-12506 affects GitLab CE/EE prior to the patched releases: 16.5–before 18.11.7, 19.0–before 19.0.4, and 19.1–before 19.1.2. The issue stems from improper handling of Git reference name resolution, which could allow an authenticated user to create a repository where the content shown in th...
EUVD-2025-210442
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from t...
frontmcp 代码问题漏洞
FrontMCP is an open-source MCP server development framework based on TypeScript, created by AgentFront. Versions of FrontMCP prior to 2.3.0 had code-related vulnerabilities. These vulnerabilities stemmed from the lack of restrictions on URL reference resolution, which could lead to server-side...
CVE-2026-27727
CVE-2026-27727 is confirmed in multiple IBM advisories as affecting the mchange-commons-java library used by IBM Maximo Monitor Component and related IBM products. The vulnerability stems from JNDI dereferencing code in mchange-commons-java, which can allow an attacker to cause download and execu...
PT-2025-37197
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to the BTRFS filesystem. Specifically, the issue involves the potential for transaction aborts during balancing operations when encountering...
CVE-2025-29313
Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...
The vulnerability of the containers-common library in the Golang programming language arises from improper resolution of references before accessing files. This allows attackers to gain access to confidential information.
The vulnerability of the containers-common library in the Golang programming language is related to improper resolution of references before accessing files. Exploiting this vulnerability can allow an attacker to gain access to confidential information by using symbolic references, by mounting...
GHSA-CXW4-9QV9-VX5H High severity vulnerability that affects PeterO.Cbor
Impact The CBOR library supports optional tags that enable CBOR objects to contain references to objects within them. Versions earlier than 4.0 resolved those references automatically. While this by itself doesn't cause much of a security problem, a denial of service can happen if those reference...