54 matches found
CVE-2026-34231
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231 Slippers: Cross-Site Scripting (XSS) in `attrs` Template Tag
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231
The CVE-2026-34231 entry is connected to a real advisory: GHSA-w7rv-gfp4-j9j3 describes an XSS in the Django package slippers, specifically in the {% attrs %} template tag. Root cause: AttrsNode renders without auto-escaping, and the custom Node.render path does not apply escaping, causing untrus...
CVE-2026-34231 Slippers: Cross-Site Scripting (XSS) in `attrs` Template Tag
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
CVE-2026-34231 Slippers: Cross-Site Scripting (XSS) in `attrs` Template Tag
Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML...
GHSA-W7RV-GFP4-J9J3 Slippers Vulnerable to Cross-Site Scripting (XSS) in `attrs` Template Tag
Summary A Cross-site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML attribute string without escaping, allowing an attacker to break o...
Slippers Vulnerable to Cross-Site Scripting (XSS) in `attrs` Template Tag
Summary A Cross-site Scripting XSS vulnerability exists in the % attrs % template tag of the slippers Django package. When a context variable containing untrusted data is passed to % attrs %, the value is interpolated into an HTML attribute string without escaping, allowing an attacker to break o...
Cross-site Scripting (XSS)
Overview slippers is a Build reusable components in Django without writing a single line of Python. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the attrstring function of the % attrs % template tag, which fails to escape user-supplied values interpolated into...
CVE-2026-23144
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
UBUNTU-CVE-2026-23144
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
EUVD-2026-5893
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
CVE-2026-23144 mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the DAMON sysfs context directory setup, resulting in the uncleaned retention of t...
UBUNTU-CVE-2022-50561
In the Linux kernel, the following vulnerability has been resolved: iio: fix memory leak in iiodeviceregistereventset When iiodeviceregistersysfsgroup returns failed, iiodeviceregistereventset needs to free attrs array. Otherwise, kmemleak would scan & report memory leak as below: unreferenced...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to free the attrs array when the iiodeviceregistersysfsgroup call fails in the...
SUSE CVE-2024-53066
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
AZL-53909 CVE-2024-53066 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
DEBIAN-CVE-2024-53066
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...
CVE-2024-53066 nfs: Fix KMSAN warning in decode_getfattr_attrs()
In the Linux kernel, the following vulnerability has been resolved: nfs: Fix KMSAN warning in decodegetfattrattrs Fix the following KMSAN warning: CPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B Tainted: B=BADPAGE Hardware name: QEMU Standard PC Q35 + ICH9, 2009...