4 matches found
Server-side Request Forgery (SSRF)
Overview: league/commonmark is a PHP-based Markdown parser which supports the full CommonMark spec. It is based on the CommonMark JS reference implementation. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the DomainFilteringAdapter process. An attacker ca...
PYSEC-2024-245
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk...
PT-2023-6953 · Docker +4 · Docker Distribution +4
Name of the Vulnerable Software and Affected Versions: distribution versions prior to 2.8.2-beta.1. Description: A flaw was found in the /v2/_catalog endpoint, which accepts a parameter to control the maximum number of records returned (query string: n). This vulnerability allows a malicious user to...
PT-2020-7722 · WordPress · WordPress Advanced Access Manager Plugin
Name of the Vulnerable Software and Affected Versions: WordPress Advanced Access Manager Plugin versions prior to 2.8.2. Description: The issue is related to an Arbitrary File Overwrite Vulnerability. There is no information provided about the estimated number of potentially affected devices...