4 matches found
EUVD-2025-29417
Malicious code in bioql PyPI...
LocalS3 Project Vulnerable to XML External Entity (XXE) Injection via Bucket Tagging API
Description The LocalS3 project, an S3-compatible storage service, is vulnerable to XML External Entity XXE injection through its bucket tagging API. The vulnerability exists because the application processes XML input without properly disabling external entity resolution. When processing XML dat...
GHSA-V232-254C-M6P7 LocalS3 Project Vulnerable to XML External Entity (XXE) Injection via Bucket Tagging API
Description The LocalS3 project, an S3-compatible storage service, is vulnerable to XML External Entity XXE injection through its bucket tagging API. The vulnerability exists because the application processes XML input without properly disabling external entity resolution. When processing XML dat...
XWiki Platform 信息泄露漏洞
XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the XWiki Foundation in France. An information disclosure vulnerability exists in xwiki-platform-tag-api versions 5.0-milestone-1 through 14.4.8, 14.10.4 and earlier, and 15.0-rc-1 and earlier, which stem...