CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2024-2551)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-2385)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-2360)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...

Amazon Linux 2023 : docker (ALAS2023-2024-674)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-674 advisory. 2024-08-28: CVE-2024-29018 was added to this advisory. 2024-08-28: CVE-2024-24786 was added to this advisory. The protojson.Unmarshal function can enter an infinite loop when unmarshaling certa...

GHSA-V23V-6JW2-98FQ Authz zero length regression

A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being exploited is low. This advisory outlines the issue, identifies the affected versions...

Authz zero length regression

A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being exploited is low. This advisory outlines the issue, identifies the affected versions...

AZL-47042 CVE-2024-41110 affecting package moby-engine for versions less than 24.0.9-7

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being...

CVE-2024-41110 Moby authz zero length regression

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being...

CVE-2024-41110

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being...

SUSE CVE-2010-3315

authz.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz shortcircuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass...

subversion: svn_repos_trace_node_locations() reveals paths hidden by authz

It was found that when an SVN server both svnserve and httpd with the moddavsvn module searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable for example, if it had been moved...

DEBIAN-CVE-2010-3315

authz.c in the moddavsvn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz shortcircuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass...