Lucene search
K

61 matches found

NVD
NVD
added 2026/06/17 11:17 p.m.12 views

CVE-2026-50267

Steeltoe is an open source project that provides a collection of libraries that helps users build cloud-native applications. In Steeltoe.Configuration.Abstractions 4.0.0 through 4.1.0, when MySQL or PostgreSQL service bindings from VCAPSERVICES include TLS client credentials, the Connectors libra...

4.7CVSS0.00065EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/14 3:58 p.m.7 views

CVE-2026-44503 Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect

The RedirectHandler middleware in microsoft/kiota-java com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0 and other Kiota libraries fails to strip sensitive HTTP headers when following 3xx redirects to a different host or scheme. Only the Authorization header is removed; Cookie,...

7CVSS5.8AI score0.00505EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 3:58 p.m.50 views

CVE-2026-44503

CVE-2026-44503 affects the RedirectHandler in microsoft/kiota-java (com.microsoft.kiota:microsoft-kiota-http-okHttp v1.9.0, and similar Kiota libraries). The root cause is that when following 3xx redirects to a different host or scheme, only the Authorization header is removed; Cookie, Proxy-Auth...

7CVSS5.8AI score0.00505EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/07 1:49 a.m.4 views

ai.pipestream:account-service (>=0.0.2 <=0.0.18), ai.pipestream:connector-admin-service (>=0.1.1 <=0.1.18) +133 more potentially affected by CVE-2026-44503 via com.microsoft.kiota:microsoft-kiota-abstractions (>=0.1.2 <=1.9.0)

com.microsoft.kiota:microsoft-kiota-abstractions MAVEN version =0.1.2, =0.0.2, =0.1.1, =0.2.7, =0.2.7, =0.2.7, =0.1.1, =0.2.7, =0.7.21, =0.7.21, =0.7.21, =0.1.7, =0.0.1, =0.7.23 and more Source cves: CVE-2026-44503 Source advisory: OSV:GHSA-7J59-V9QR-6FQ9...

7CVSS5.7AI score0.00505EPSS
Exploits0
Patchstack
Patchstack
added 2026/05/07 1:49 a.m.8 views

NPM: Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect

NPM: Kiota abstractions RedirectHandler leaks Cookie/Proxy-Authorization headers on cross-host redirect vulnerability discovered by ? in WordPress Npm kiota-typescript versions 1.0.0-preview.100...

7CVSS5.8AI score0.00505EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2026/03/30 9:29 a.m.10 views

abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +702 more potentially affected by CVE-2025-15379 via mlflow (>=3.0.0rc2 <=3.6.0rc0)

mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-15379 Source advisory: SNYK:PYTHON-MLFLOW-15825746...

10CVSS7.2AI score0.01994EPSS
Exploits1
Snyk
Snyk
added 2025/09/22 9:10 p.m.4 views

Unsafe Dependency Resolution

Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the Skin feature. An attacker can cause unauthorized theme loading and potentially execute arbitrary code by supplying crafted query parameters to load unused or outdated themes. Remediation Upgrade...

7.3CVSS7.6AI score0.00322EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/14 12:0 a.m.6 views

Vulnerability of the Microsoft.Identity.Abstractions component in the Microsoft Identity Web library, which allows a perpetrator to gain unauthorized access to protected information

The vulnerability of the Microsoft.Identity.Abstractions component in the Microsoft Identity Web library is related to the disclosure of information through registration files. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected information...

4.7CVSS5.4AI score0.00084EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2025/04/09 6:58 p.m.6 views

Insertion of Sensitive Information into Log File

Overview Microsoft.Identity.Abstractions is a package containing interfaces and POCO classes used in the Microsoft .NET authentication libraries Microsoft.IdentityModel, MSAL.NET and Microsoft.Identity.Web. Affected versions of this package are vulnerable to Insertion of Sensitive Information int...

5.7CVSS6.5AI score0.00084EPSS
Exploits0References2
Spring Security Advisories
Spring Security Advisories
added 2025/04/04 12:0 a.m.9 views

Using Spring AI 1.0.0-SNAPSHOT: Part 2 - Important Changes and Updates

Using Spring AI 1.0.0-SNAPSHOT: Part 2 - Important Changes and Updates This blog post is a continuation of our previous article Using Spring AI 1.0.0-SNAPSHOT: Important Changes and Updates, where we introduced the significant changes to artifact IDs, dependency management, and autoconfiguration ...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/04 12:0 a.m.8 views

NuGet Package 'Microsoft.SemanticKernel.Abstractions' Detection

The remote host has a 'Microsoft.SemanticKernel.Abstractions' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:27 p.m.4 views

Malicious code in Be.Vlaanderen.Basisregisters.ParcеlRegіstry.Api.BackOffice.Abstractions (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 1:27 p.m.5 views

MAL-2024-4047 Malicious code in Be.Vlaanderen.Basisregisters.ParcеlRegіstry.Api.BackOffice.Abstractions (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:26 p.m.4 views

Malicious code in Be.Vlaanderen.Bаsisregisters.BuildingRеgistry.Api.Legacy.Abstractions (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 1:26 p.m.3 views

MAL-2024-4099 Malicious code in Be.Vlaanderen.Bаsisregisters.BuildingRеgistrу.Api.Legаcy.Abstractions (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:26 p.m.4 views

Malicious code in Be.Vlaanderen.Bаsisregisters.BuildingRеgistrу.Api.Legаcy.Abstractions (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 1:26 p.m.5 views

MAL-2024-4135 Malicious code in Be.Vlaanderеn.Basisregisters.BuildingRegistry.Api.Oslo.Abstractioոs (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2024/06/25 1:25 p.m.7 views

MAL-2024-4157 Malicious code in Be.Vlaanderеո.Basisregisters.BuildingRegistry.Aрi.Oslo.Abstractioոs (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:25 p.m.3 views

Malicious code in Be.Vlaanderеո.Basisregisters.BuildingRegistry.Aрi.Oslo.Abstractioոs (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:25 p.m.5 views

Malicious code in Be.Vlaandеren.Basisregisters.TicketіngService.Abstractions (NuGet)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder