514 matches found
Diesel: Possible unaligned data access for implementations of `SqliteAggregate`
Diesel allows to register custom aggregate SQL functions for SQLite via the SqliteAggregate interface. To store an instance of the custom aggregate processor Diesel relied on the sqlite3aggregatecontext function provided by sqlite. This function doesn't provide any guarantees about alignment of t...
GHSA-Q8X8-JRHJ-FH9P Diesel: Possible unaligned data access for implementations of `SqliteAggregate`
Diesel allows to register custom aggregate SQL functions for SQLite via the SqliteAggregate interface. To store an instance of the custom aggregate processor Diesel relied on the sqlite3aggregatecontext function provided by sqlite. This function doesn't provide any guarantees about alignment of t...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: postgresql-13 (UTSA-2026-017349)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017349 advisory. A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls wit...
CVE-2026-41422
Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.4, the /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed...
CVE-2026-41422
Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.4, the /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed...
CVE-2026-41422 Daptin vulnerable to SQL injection via unvalidated goqu.L() calls in aggregate API
Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.4, the /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed...
CVE-2026-41422
Daptin (CVE-2026-41422) exposes SQL injection in the /aggregate/:typename endpoint via unvalidated user input passed to goqu.L() in server/resource/resource_aggregate.go. Root cause: user-controlled column/group parameters were inserted directly into SQL without validation, bypassing parameteriza...
CVE-2026-41422 Daptin vulnerable to SQL injection via unvalidated goqu.L() calls in aggregate API
Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.4, the /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed...
daptin SQL注入漏洞
Daptin is an open-source content management system developed by Daptin developers. Versions of Daptin prior to 0.11.4 contained a SQL injection vulnerability. This vulnerability stemmed from the /aggregate/:typename endpoint, which did not validate the column and query parameters. As a result,...
Astra Linux - уязвимость в python-django
A issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. Methods like QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are vulnerable to SQL injection when column aliases are used, especially when a properly crafted dictionary is passed...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/meson: Explicitly remove the aggregate driver at module unload time. Since componentmasterdel was not called when unloading the mesondrm module, the aggregate device would remain in the global aggregatedevices list...
Astra Linux - уязвимость в sqlite3
There is a vulnerability in SQLite versions before 3.50.2, where the number of aggregate terms can exceed the number of available columns. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or higher...
Astra Linux - уязвимость в libreoffice
Improper validation of the array index vulnerability in The Document Foundation LibreOffice’s spreadsheet component allows an attacker to create a spreadsheet document that causes an array index underflow upon loading. In the affected versions of LibreOffice, certain malformed spreadsheet formula...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. This happens whe...
Possible unaligned data access for implementations of `SqliteAggregate`
Diesel allows to register custom aggregate SQL functions for SQLite via the SqliteAggregate interface. To store an instance of the custom aggregate processor Diesel relied on the sqlite3aggregatecontext function provided by sqlite. This function doesn't provide any guarantees about alignment of t...
RUSTSEC-2026-0137 Possible unaligned data access for implementations of `SqliteAggregate`
Diesel allows to register custom aggregate SQL functions for SQLite via the SqliteAggregate interface. To store an instance of the custom aggregate processor Diesel relied on the sqlite3aggregatecontext function provided by sqlite. This function doesn't provide any guarantees about alignment of t...
GHSA-RW2C-8RFQ-GWFV Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API
Summary The /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed authenticated users with any valid session to inject arbitrary S...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the aggregate API endpoint when unvalidated user input is passed to the goqu.L function. An attacker can execute arbitrary SQL commands and access sensitive database information by supplying crafted values to the colum...
Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API
Summary The /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim to goqu.L — a raw SQL literal expression builder — without any validation. This bypassed all parameterization and allowed authenticated users with any valid session to inject arbitrary S...
PT-2026-34606
Name of the Vulnerable Software and Affected Versions Daptin versions prior to 0.11.4 Description The '/aggregate/:typename' endpoint accepts column and group query parameters that are passed without validation to goqu.L, a raw SQL literal expression builder. This bypasses parameterization,...