Security Bulletin: DevOps Test Performance contains a vulnerability related to use of yaml JavaScript library

Summary Due to use of the yaml JavaScript library, DevOps Test Performance and Rational Performance Tester contain a potential Denial of Service DoS vulnerability. Vulnerability Details CVEID:CVE-2026-33532 DESCRIPTION: yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document...

CVE-2026-33532

yaml is a YAML parser and serialiser for JavaScript. Parsing a YAML document with a version of yaml on the 1.x branch prior to 1.10.3 or on the 2.x branch prior to 2.8.3 may throw a RangeError due to a stack overflow. The node resolution/composition phase uses recursive function calls without a...

HubSpot Jinjava 安全漏洞

HubSpot Jinjava is an application developed by a personal developer at HubSpot in the United States. It provides a Java-based template engine and Django template syntax, suitable for rendering Jinja templates. There were security vulnerabilities in versions of HubSpot Jinjava prior to 2.7.6 and...

WordPress plugin Falcon 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-9105

CVE-2024-9105 — UltimateAI WordPress plugin authentication bypass The UltimateAI plugin for WordPress (Ultimate AI) is vulnerable to an authentication bypass in versions up to 2.8.3. The root cause is insufficient verification on the user parameter in the function ultimate_ai_register_or_login_wi...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +188 more potentially affected by CVE-2022-41880 via tensorflow-gpu (>=1.10.1 <=2.8.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-41880 Source advisory: OSV:GHSA-8W5G-3WCV-9G2J...

WordPress plugin Activity Log 注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

Lightbend Play Framework 资源管理错误漏洞

Lightbend Play Framework is a web application framework written in the Scala language from Lightbend, Inc. A resource management error vulnerability exists in Lightbend Play Framework versions 2.8.3 through 2.8.15, which results in a denial of service when using the FormbindFromRequest method on...

PT-2019-11640

Name of the Vulnerable Software and Affected Versions: ansible versions 2.8.0 through 2.8.3 Description: A flaw was found in the way sensitive data is handled. Fields managing sensitive data should be set as such by the no log feature. However, some fields in GCP modules are not set properly. The...