3646 matches found
Astro Cloudflare Adapter - Server Side Request Forgery
Astro is a web framework for content-driven websites. Versions 11.0.3 through 12.6.5 are vulnerable to SSRF when using Astro's Cloudflare adapter. When configured with output: 'server' while using the default imageService: 'compile', the generated image optimization endpoint doesn't check the URL...
CVE-2026-48597
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...
CVE-2026-48597 Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...
CVE-2026-48597 Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...
CVE-2026-48597
The vulnerability CVE-2026-48597 affects elixir-tesla (Tesla) where Tesla.Adapter.Mint.open_conn/2 converts each outgoing request URL scheme to a BEAM atom using String.to_atom(uri.scheme) without an allow-list. Since BEAM atoms are not garbage-collected, an attacker who can influence the request...
EUVD-2026-34013
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...
CVE-2026-48597
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...
EEF-CVE-2026-48597 Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint
Summary Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme wit...
EUVD-2026-33779
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-45840
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.open conn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.to atomuri.scheme with no...
CVE-2026-0050
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0050
Technical details are not publicly available in the provided documents for CVE-2026-0050. Monitor for updates from official advisories.
CVE-2026-0050
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-45573
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-290364858
In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-25680 affecting package prometheus-adapter for versions less than 0.12.0-6
CVE-2026-25680 affecting package prometheus-adapter for versions less than 0.12.0-6. A patched version of the package is available...
CVE-2026-25681 affecting package prometheus-adapter for versions less than 0.12.0-6
CVE-2026-25681 affecting package prometheus-adapter for versions less than 0.12.0-6. A patched version of the package is available...
CVE-2026-42506 affecting package prometheus-adapter for versions less than 0.12.0-6
CVE-2026-42506 affecting package prometheus-adapter for versions less than 0.12.0-6. A patched version of the package is available...
CVE-2026-27136 affecting package prometheus-adapter for versions less than 0.12.0-6
CVE-2026-27136 affecting package prometheus-adapter for versions less than 0.12.0-6. A patched version of the package is available...
CVE-2026-42502 affecting package prometheus-adapter for versions less than 0.12.0-6
CVE-2026-42502 affecting package prometheus-adapter for versions less than 0.12.0-6. A patched version of the package is available...