Lucene search
K

1448 matches found

NVD
NVD
added 2026/06/04 11:16 a.m.14 views

CVE-2026-10801

A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template.savepilimage of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A hig...

3.6CVSS0.00075EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/06/04 11:0 a.m.8 views

CVE-2026-10801 modelscope ms-swift PIL Image Cache Key base.py Template._save_pil_image weak hash

A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template.savepilimage of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A hig...

3.6CVSS4.9AI score0.00075EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/04 11:0 a.m.39 views

CVE-2026-10801 modelscope ms-swift PIL Image Cache Key base.py Template._save_pil_image weak hash

A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template.savepilimage of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A hig...

3.6CVSS0.00075EPSS
Exploits0References8
CVE
CVE
added 2026/06/04 11:0 a.m.20 views

CVE-2026-10801

CVE-2026-10801 affects modelscope ms-swift up to 4.2.0 and targets the PIL Image Cache Key Handler, specifically the function Template._save_pil_image in swift/template/base.py. The issue is a manipulation that results in the use of a weak hash, enabling a local attack. The CVE notes a high attac...

3.6CVSS5AI score0.00075EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.11 views

Debian dsa-6314 : python3-swift - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6314 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6314-1 [email protected] https://www.debian.org/security/ Moritz...

7.1CVSS5.8AI score0.00322EPSS
Exploits0References4
Debian
Debian
added 2026/05/31 6:38 p.m.13 views

[SECURITY] [DSA 6314-1] swift security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6314-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 31, 2026 https://www.debian.org/security/faq -...

7.1CVSS5.8AI score0.00322EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-49017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInp...

7.1CVSS5.8AI score0.00322EPSS
Exploits0References2
NVD
NVD
added 2026/05/27 2:16 a.m.12 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS0.00322EPSS
Exploits0References5
OSV
OSV
added 2026/05/27 2:16 a.m.9 views

DEBIAN-CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/27 2:16 a.m.19 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:16 a.m.6 views

UBUNTU-CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 1:57 a.m.32 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS0.00322EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 1:57 a.m.11 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 1:57 a.m.10 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 1:57 a.m.16 views

EUVD-2026-32040

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 1:57 a.m.23 views

CVE-2026-49017

OpenStack Swift prior to 2.36.2 and 2.37.2 is affected. The s3api middleware enters an infinite loop while processing truncated aws-chunked PUT bodies, due to the StreamingInput class repeatedly appending an empty buffer and re-reading. This causes the proxy-server worker to become permanently un...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/27 1:57 a.m.8 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS5.9AI score0.00322EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.11 views

PT-2026-43476

Name of the Vulnerable Software and Affected Versions OpenStack Swift versions 2.36.0 through 2.36.1 OpenStack Swift versions 2.37.0 through 2.37.1 Description The s3api middleware contains a flaw where the StreamingInput class enters an infinite loop when processing a truncated aws-chunked PUT...

7.1CVSS5.9AI score0.00322EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.16 views

OpenStack Swift 安全漏洞

OpenStack Swift is an open-source distributed object storage system under OpenStack. There were security vulnerabilities in versions of OpenStack Swift prior to 2.36.2 and 2.37.2. These vulnerabilities stemmed from the s3api middleware handling truncated aws-chunked PUT request bodies, leading to...

7.1CVSS5.8AI score0.00322EPSS
Exploits0References4
NVD
NVD
added 2026/05/26 5:16 p.m.13 views

CVE-2025-36148

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the...

6.1CVSS0.00193EPSS
Exploits0References1
Rows per page
Query Builder