8 matches found
Duplicate Advisory: transpose: Buffer overflow due to integer overflow
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5gmm-6m36-r7jh. This link is maintained to preserve external references. Original Description The transpose crate before 0.2.3 for Rust allows an integer overflow via inputwidth and inputheight arguments...
GHSA-J87P-GJR6-M4PV Duplicate Advisory: serde-json-wasm stack overflow during recursive JSON parsing
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rr69-rxr6-8qwf. This link is maintained to preserve external references. Original Description The serde-json-wasm crate before 1.0.1 for Rust allows stack consumption via deeply nested JSON data...
GHSA-4MVM-XH8J-FV27 Duplicate Advisory: govuk_tech_docs vulnerable to unescaped HTML on search results page
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x2xw-hw8g-6773. This link is maintained to preserve external references. Original Description versions from 2.0.2 to before 3.3.1 are vulnerable to a cross-site scripting vulnerability. Malicious JavaScript may ...
GHSA-4FRV-5FJ6-4P25 Duplicate Advisory: NATS.io: Adding accounts for just the system account adds auth bypass
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-fr2g-9hjm-wr23. This link is maintained to preserve external references. Original Description NATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an authentication bypass. An implicit $G user in an...
GHSA-J93V-CX26-2XC4 Duplicate Advisory: Cross-site Scripting (XSS) in Predefined Properties delete
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q7cc-m6jw-m262. This link is maintained to preserve external references. Original DescriptionCross-site Scripting XSS - Reflected in GitHub repository pimcore/pimcore prior to 10.5.21...
GHSA-3CGW-HFW7-WC7J Duplicate Advisory: Grafana Stored Cross-site Scripting vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qrrg-gw7w-vp76. This link is maintained to preserve external references. Original Description Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the...
GHSA-9GGP-4JPR-7PPJ Duplicate Advisory: Possible remote code execution via a remote procedure call
Withdrawn: duplicate of GHSA-pj4g-4488-wmxm Original Description In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings...
Re: CSSA-2003-007.0 Advisory withdrawn.
-----BEGIN PGP SIGNED MESSAGE----- Just to clarify this a bit further, the moddav module for Apache is not vulnerable to the format string vulnerability as outlined in the original advisory from SCO, CAN-2002-0842 moddav contains code that logs various errors and uses aplogrerror to do so. In...