2 matches found
CVE-2025-24889
The CVE-2025-24889 issue affects the SecureDrop Client (Workstation) prior to versions 0.14.1 and 1.0.1. A path traversal flaw in the sd-log VM’s log-writing logic allows an attacker who already has code execution on another VM to cause code execution in sd-log by sending a crafted log entry. Thi...
oVirt Cross-Site Scripting Vulnerability
Red Hat Ovirt is the United States Red Hat Red Hat company's set of open source virtualization management platform , is the RHEV enterprise virtualization platform of the open source version of the ovirt-node client and overt-engine management end of the composition of the Web admin application i...