157392 matches found
GHSA-5CCW-23GM-2H2F vulnerabilities
Vulnerabilities for packages: openjdk...
CVE-2025-53066 vulnerabilities
Vulnerabilities for packages: openjdk...
GHSA-XVMR-9P7M-JMWV vulnerabilities
Vulnerabilities for packages: openjdk...
CVE-2026-49458 vulnerabilities
Vulnerabilities for packages: langfuse...
GHSA-HPCV-96WG-7VJ8 vulnerabilities
Vulnerabilities for packages: langfuse...
GHSA-F38Q-MGVJ-VPH7 vulnerabilities
Vulnerabilities for packages: vitess, jitsucom-jitsu, kubeflow-centraldashboard...
CVE-2026-54269 vulnerabilities
Vulnerabilities for packages: vitess, jitsucom-jitsu, kubeflow-centraldashboard...
GHSA-HMW2-7CC7-3QXX vulnerabilities
Vulnerabilities for packages: langfuse, jitsucom-jitsu, kubeflow-centraldashboard...
CVE-2026-9678
Impact: Undici's cache interceptor incorrectly classifies some responses as cacheable when the upstream Cache-Control header uses whitespace-padded qualified private or no-cache field names such as private=" authorization" or no-cache="\tauthorization". The parser preserves the surrounding...
CVE-2026-9679
Impact: undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either. Applications that parse a...
CVE-2026-9697
Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...
firefox: Integer overflow in the Networking: JAR component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Integer overflow in the Networking: JAR component...
firefox: thunderbird: Privilege escalation in the DOM: Workers component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...
firefox: Sandbox escape due to use-after-free in the Disability Access APIs component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to use-after-free in the Disability Access APIs component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...
firefox: Privilege escalation in the Security component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Security component...
firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...
firefox: Spoofing issue in the Form Autofill component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the Form Autofill component...
firefox: Information disclosure, sandbox escape in the Security: Process Sandboxing component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure, sandbox escape in the Security: Process Sandboxing component...