7 matches found
CVE-2026-49361 Apache Fluss Netty Frame Decoder Memory Exhaustion Vulnerability
Apache Fluss versions prior to 0.9.1 configure the Netty LengthFieldBasedFrameDecoder with Integer.MAXVALUE as the maximum frame length, allowing unauthenticated remote attackers to exhaust JVM heap memory on TabletServer and CoordinatorServer by sending specially crafted frame headers, resulting...
PT-2026-45385
Name of the Vulnerable Software and Affected Versions Apache Fluss versions prior to 0.9.1 Description The Netty LengthFieldBasedFrameDecoder is configured with Integer.MAX VALUE as the maximum frame length. This allows unauthenticated remote attackers to exhaust JVM heap memory on TabletServer a...
Race Condition
Overview @genkit-ai/firebase is a Genkit AI framework plugin for Firebase including Firestore trace/state store and deployment helpers for Cloud Functions for Firebase. Affected versions of this package are vulnerable to Race Condition via the asynchronous user engagement collection in the...
PT-2022-28106 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue concerns the incorrect use of privileged APIs in the usememos/memos GitHub repository. A user can archive any private memos, delete any shortcut, and edit any shortcut from other...
PT-2022-28096 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue involves the incorrect use of privileged APIs, allowing a user with login permission to delete all notes of the whole application. This can be achieved via the API endpoint...
PT-2022-28103 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to improper authorization, allowing for authorization bypass through a user-controlled key. This affects the usememos/memos GitHub repository. Recommendations: For...
PT-2022-28115 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to improper access control in the GitHub repository usememos/memos. Recommendations: For versions prior to 0.9.1, update to version 0.9.1 or later to resolve the issue...