13 matches found
Improper Validation of Unsafe Equivalence in Input
Overview: Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the CXF-RS or CXF-SOAP endpoints due to missing inbound filtering via setInFilterStartsWith. An attacker can execute arbitrary code and write files by injecting Camel-internal header...
CVE-2026-1094 Improper Validation of Unsafe Equivalence in Input in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...
SUSE SLES15 / openSUSE 15 Security Update : sevctl (SUSE-SU-2025:03307-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03307-1 advisory. - CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 - CVE-2025-3416:...
SUSE-SU-2025:03306-1 Security update for sevctl
This update for sevctl fixes the following issues: - CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860 - CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch bsc1242618...
Security update for sccache
This update for sccache fixes the following issues: Update to version 0.4.24: CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:02768-1 Security update for sccache
This update for sccache fixes the following issues: - Update to version 0.4.24: - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868...
Security update for sccache
This update for sccache fixes the following issues: Update to version 0.4.24: CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE CVE-2024-12224
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...
CVE-2024-12224
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...
UBUNTU-CVE-2024-12224
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...
CVE-2024-12224
Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...
Improper Validation of Unsafe Equivalence in Input
Overview: Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the srcset attribute, which allows bypassing the imgSrcSanitizationTrustedUrlList allowlist. An attacker can manipulate the content presented to other users by setting a srcset value...
PT-2024-17492
Name of the Vulnerable Software and Affected Versions: idna versions 0.5.0 and earlier; url versions prior to 2.5.4. Description: The issue is related to improper validation of unsafe equivalence in punycode by the idna crate from Servo rust-url. This allows an attacker to create a punycode hostname...