Lucene search

13 matches found

Snyk
added 2026/05/20 3:35 p.m., 15 views

Improper Validation of Unsafe Equivalence in Input

Overview: Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the CXF-RS or CXF-SOAP endpoints due to missing inbound filtering via setInFilterStartsWith. An attacker can execute arbitrary code and write files by injecting Camel-internal header...

CVSS 9.8, AI score 6.2, EPSS 0.01425
Exploits: 0, References: 2
Cvelist
added 2026/02/11 11:4 a.m., 27 views

CVE-2026-1094 Improper Validation of Unsafe Equivalence in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.8 before 18.8.4 that could have allowed an authenticated developer to hide specially crafted file changes from the WebUI...

CVSS 4.6, EPSS 0.00162
Exploits: 0, References: 3
Tenable Nessus
added 2025/09/24 12:0 a.m., 2 views

SUSE SLES15 / openSUSE 15 Security Update : sevctl (SUSE-SU-2025:03307-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03307-1 advisory.

- CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860
- CVE-2025-3416:...

CVSS 8.8, AI score 5.2, EPSS 0.00452
Exploits: 1, References: 7
OSV
added 2025/09/23 1:13 p.m., 2 views

SUSE-SU-2025:03306-1 Security update for sevctl

This update for sevctl fixes the following issues:

- CVE-2024-12224: idna: Fixed improper validation of unsafe equivalence in punycode. bsc1243860
- CVE-2025-3416: openssl: Fixed use-after-free in Md::fetch and Cipher::fetch bsc1242618...

CVSS 8.8, AI score 5.8, EPSS 0.00452
Exploits: 1, References: 5
SUSE Linux
added 2025/08/12 1:1 p.m., 5 views

Security update for sccache

This update for sccache fixes the following issues:

- Update to version 0.4.24:
  - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868

Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

CVSS 4.2, AI score 7, EPSS 0.00194
Exploits: 1, References: 4
OSV
added 2025/08/12 1:1 p.m., 4 views

SUSE-SU-2025:02768-1 Security update for sccache

This update for sccache fixes the following issues:

- Update to version 0.4.24:
  - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868...

CVSS 8.8, AI score 5.8, EPSS 0.00194
Exploits: 1, References: 3
SUSE Linux
added 2025/08/01 8:49 a.m., 3 views

Security update for sccache

This update for sccache fixes the following issues:

- Update to version 0.4.24:
  - CVE-2024-12224: Fixed improper validation of unsafe equivalence in punycode. bsc1243868

Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

CVSS 4.2, AI score 6.8, EPSS 0.00194
Exploits: 1, References: 4
SUSE CVE
added 2025/05/31 1:31 a.m., 4 views

SUSE CVE-2024-12224

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...

CVSS 4.2, AI score 6.9, EPSS 0.00194
Exploits: 1, References: 29
NVD
added 2025/05/30 2:15 a.m., 8 views

CVE-2024-12224

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...

CVSS 8.8, EPSS 0.00194
Exploits: 1, References: 2
OSV
added 2025/05/30 2:15 a.m., 3 views

UBUNTU-CVE-2024-12224

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...

CVSS 8.8, AI score 5.8, EPSS 0.00194
Exploits: 1, References: 4
AlpineLinux
added 2025/05/30 1:16 a.m., 12 views

CVE-2024-12224

Improper Validation of Unsafe Equivalence in punycode by the idna crate from Servo rust-url allows an attacker to create a punycode hostname that one part of a system might treat as distinct while another part of that system would treat as equivalent to another hostname...

CVSS 8.8, AI score 6.1, EPSS 0.00194
Exploits: 1
Snyk
added 2024/09/09 3:40 p.m., 4 views

Improper Validation of Unsafe Equivalence in Input

Overview: Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the srcset attribute, which allows bypassing the imgSrcSanitizationTrustedUrlList allowlist. An attacker can manipulate the content presented to other users by setting a srcset value...

CVSS 6.3, AI score 6.8, EPSS 0.00574
Exploits: 1, References: 2
Positive Technologies
added 2024/01/01 12:0 a.m., 5 views

PT-2024-17492

Name of the Vulnerable Software and Affected Versions: idna versions 0.5.0 and earlier; url versions prior to 2.5.4

Description: The issue is related to improper validation of unsafe equivalence in punycode by the idna crate from Servo rust-url. This allows an attacker to create a punycode hostname...

CVSS 8.8, AI score 6.6, EPSS 0.00194
Exploits: 1, References: 38