8 matches found
PYSEC-2026-555 toui allows user-specific variables to be shared between users
Impact Websites that use Website.uservars property in versions. Patches It affects versions v2.0.1 to v2.4.0. Please upgrade to v2.4.1 Workarounds Do not use Website.uservars in websites when using versions v2.0.1 to v2.4.0. Also, do not use Website.signinuser in version v2.4.0 only. Explanation...
CVE-2026-47225 Improper Search Cache Isolation for Scoped Search API Keys in Typesense
Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...
Linux Distros Unpatched Vulnerability : CVE-2017-7561
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in ...
Next.js 安全漏洞
Next.js is a React framework open-sourced by Vercel. A security vulnerability exists in Next.js versions 13.5.1 through 14.2.10 and earlier. An attacker exploits the vulnerability to poison the caches of non-dynamic server-side rendering routes in the page router by sending specially crafted HTTP...
PT-2023-24191
Name of the Vulnerable Software and Affected Versions ToUI versions 2.0.1 through 2.4.0 Description The issue affects websites that use the Website.user vars property. ToUI utilizes Flask-Caching SimpleCache to store user variables, which are stored on the server side. Recommendations For version...
CVE-2017-7561
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact...
CVE-2017-7561
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact...
CVE-2017-7561
Red Hat JBoss EAP version 3.0.7 through before 4.0.0.Beta1 is vulnerable to a server-side cache poisoning or CORS requests in the JAX-RS component resulting in a moderate impact...