942 matches found
CVE-2024-36117 Path traversal while serving Reposilite javadoc expanded files
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...
Path Traversal
ai.djl,api is vulnerable to Path Traversal. The vulnerability is due to absolute path archived artifacts, allowing attackers to insert archived files directly into the system and overwrite system files...
Reposilite Security Vulnerabilities
Reposilite is a lightweight and easy-to-use repository manager for Maven-based artifacts in the JVM ecosystem by the individual developer dzikoysk. A security vulnerability exists in Reposilite versions prior to 3.5.12 that stems from being affected by arbitrary file reads via path traversal...
SUSE-SU-2024:1486-2 Security update for cosign
This update for cosign fixes the following issues: - CVE-2024-29902: Fixed denial of service on host machine via remote image with a malicious attachments bsc1222835 - CVE-2024-29903: Fixed denial of service on host machine via malicious software artifacts bsc1222837 Other fixes: - Updated to 2.2...
CVE-2024-37902
DeepJavaLibraryDJL is an Engine-Agnostic Deep Learning Framework in Java. DJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched in DJL Large Model...
CVE-2024-37902
Summary: CVE-2024-37902 affects the Java DeepJavaLibrary (DJL) up to version 0.27.0. The root cause is an absolute-path handling flaw in archived artifacts that can insert files directly into the system and overwrite system files. The issue is fixed in DJL v0.28.0 and also patched in the DJL Larg...
RLSA-2024:2961 Moderate: Image builder components bug fix, enhancement and security update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 For more details about the security issues,...
DR Restore - Internal error occurred: Could not retrieve artifacts for prefix
Challenge A Veeam Kasten for Kubernetes DR Restore fails with the following error: Internal error occurred: "message":"Could not retrieve artifacts for prefix...
No action was taken because the import artifacts already existed
Challenge Veeam Kasten for Kubernetes has smart logic built-in to perform intelligent actions. Assuming an Import job on the target cluster was successfully completed, unless there's a new restorepoint from the source cluster, the job won't run. This can happen if: there are no new restorepoints ...
GO-2024-2719 Cosign malicious artifacts can cause machine-wide DoS in github.com/sigstore/cosign
Cosign malicious artifacts can cause machine-wide DoS in github.com/sigstore/cosign...
BIT-GITLAB-2024-5318 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...
CVE-2024-5318
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...
CVE-2024-5318
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...
UBUNTU-CVE-2024-5318
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...
CVE-2024-5318 Improper Access Control in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...
CVE-2024-5318 Missing Authorization in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts...
PT-2024-35626 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.11 through 16.10.6 GitLab CE/EE versions 16.11 through 16.11.3 GitLab CE/EE versions 17.0 through 17.0.1 Description: An issue has been discovered in GitLab CE/EE where a Guest user can view dependency lists of privat...
Moderate: Red Hat Security Advisory: Image builder components bug fix, enhancement and security update
An update for osbuild and osbuild-composer is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Image builder components bug fix, enhancement and security update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 For more details about the security issues,...
ALSA-2024:2961 Moderate: Image builder components bug fix, enhancement and security update
Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Security Fixes: osbuild-composer: race condition may disable GPG verification for package repositories CVE-2024-2307 For more details about the security issues,...