664 matches found
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation through the mirror-target and mirror-host annotations. Remediation Upgrade github.com/kubernetes/ingress-nginx/internal/ingress/controller/template to version 1.11.5, 1.12.1, 4.11.5, 4.12.1 or higher. Reference...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation through the mirror-target and mirror-host annotations. Remediation Upgrade k8s.io/ingress-nginx/internal/ingress/controller/template to version 1.11.5, 1.12.1, 4.11.5, 4.12.1 or higher. References - GitHub Comm...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation through the Admission Controller feature, by manipulating the filename to include attacker-controlled data. Remediation Upgrade k8s.io/ingress-nginx/internal/ingress/annotations/auth to version 1.11.5, 1.12.1,...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation through the Admission Controller feature, by manipulating the filename to include attacker-controlled data. Remediation Upgrade github.com/kubernetes/ingress-nginx/internal/ingress/annotations/auth to version...
CVE-2025-1098 ingress-nginx controller - configuration injection via unsanitized mirror annotations
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...
GHSA-HH3M-G4QJ-4835 Spring Security Vulnerable to Authorization Bypass via Security Annotations
Spring Security 6.4.0 - 6.4.3 may not correctly locate method security annotations on parameterized types or methods. This may cause an authorization bypass. You are not affected if you are not using @EnableMethodSecurity, or you do not have method security annotations on parameterized types or...
Spring Security Vulnerable to Authorization Bypass via Security Annotations
Spring Security 6.4.0 - 6.4.3 may not correctly locate method security annotations on parameterized types or methods. This may cause an authorization bypass. You are not affected if you are not using @EnableMethodSecurity, or you do not have method security annotations on parameterized types or...
CVE-2025-22223
Spring Security 6.4.0 - 6.4.3 may not correctly locate method security annotations on parameterized types or methods. This may cause an authorization bypass. You are not affected if you are not using @EnableMethodSecurity, or you do not have method security annotations on parameterized types or...
CVE-2025-22223
Spring Security 6.4.0 - 6.4.3 may not correctly locate method security annotations on parameterized types or methods. This may cause an authorization bypass. You are not affected if you are not using @EnableMethodSecurity, or you do not have method security annotations on parameterized types or...
Kubernetes ingress-nginx 输入验证错误漏洞
Ingress NGINX Controller is an open source portal controller that uses NGINX as a reverse proxy and load balancer. Ingress NGINX Controller suffers from a remote code execution vulnerability that stems from the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary...
Malicious code in animated_vector_annotations (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3b53362867f99721ff884fb86d3d8f5ccc5bcb1d9abb33b7b67f8fd7fe4408c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2031 Malicious code in animated_vector_annotations (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3b53362867f99721ff884fb86d3d8f5ccc5bcb1d9abb33b7b67f8fd7fe4408c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-49420
In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...
CVE-2022-49345
In the Linux kernel, the following vulnerability has been resolved: net: xfrm: unexport init-annotated xfrm4protocolinit EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The access to ...
UBUNTU-CVE-2022-49420
In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...
CVE-2022-49420 net: annotate races around sk->sk_bound_dev_if
In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...
CVE-2022-49420
CVE-2022-49420 documents a data race in the Linux kernel involving UDP path: UDP sendmsg() reads sk->sk_bound_dev_if while it can be changed by another thread, and UDP wake/receive paths around __ip6_datagram_connect and udpv6_sendmsg. The issue is in net/ipv6/udp.c and related dgram/connect c...
CVE-2022-49420
In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...
CVE-2022-49420 net: annotate races around sk->sk_bound_dev_if
In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...
gcc-toolset-14-annobin bug fix and enhancement update
An update is available for gcc-toolset-14-annobin. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This package contains the tools needed to annotate binary file...