JLSEC-2025-317 A vulnerability was found in LibTIFF up to 4.7.0
A vulnerability was found in LibTIFF up to 4.7.0 and has been declared critical. It affects the function gethistogram in the file tools/tiffmedian.c, where the manipulation leads to a use after free. The attack must be carried out locally. The exploit has been disclosed to the publi...
PT-2024-40110 · Amazon · Cloudwatch +2
Name of the Vulnerable Software and Affected Versions: SageMaker Training Toolkit versions 4.7.0 through 4.7.4 Description: The issue concerns the logging of authorization tokens for CodeArtifact in log files when the CodeArtifact capability is enabled. These tokens have an expiration of 12 hours...
PT-2020-15408 · Jenkins · Jenkins Echarts Api Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins ECharts API Plugin versions 4.7.0-3 and earlier Description: The issue results in a stored cross-site scripting vulnerability due to the failure to escape the display name of the builds in the trend chart. This can be exploited by use...