5141 matches found
Anyscale Ray 2.6.3 and 2.8.0 - Server-Side Request Forgery
The Ray Dashboard API is affected by a Server-Side Request Forgery SSRF vulnerability in the url parameter of the /logproxy API endpoint. The API does not perform sufficient input validation within the affected parameter and any HTTP or HTTPS URLs are accepted as valid. id: CVE-2023-48023 info:...
Strapi Versions <=4.5.6 - Authentication Bypass
Strapi through 4.5.5 does not verify the access or ID tokens issued during the OAuth flow when the AWS Cognito login provider is used for authentication. A remote attacker could forge an ID token that is signed using the 'None' type algorithm to bypass authentication and impersonate any user that...
CVE-2026-15508 Helicone ai-gateway AWS Metadata Service service.rs build_target_url server-side request forgery
A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function buildtargeturl of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extractedpathandquery can lead to server-side request forgery...
CVE-2026-15508
Helicone ai-gateway (up to 0.2.0-beta.30) is affected. The flaw is in the AWS Metadata Service component, specifically the build_target_url function in ai-gateway/src/dispatcher/service.rs, where manipulating extracted_path_and_query can trigger server-side request forgery. Exploitation is possib...
PT-2026-57575
A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function build target url of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extracted path and query can lead to server-side request...
GHSA-9VCR-P3RJ-Q5Q6 vulnerabilities
Vulnerabilities for packages: tkn, cloudbeat, tekton-chains, trivy-operator-fips, crossplane, kubescape-server, kyverno-notation-aws, kubescape-server-fips, tflint, zarf, teleport, kubescape, kyverno-fips, spire-server-fips, gitsign, neuvector-sigstore-interface, trivy, kyverno,...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-resizer-fips, sftpgo-plugin-pubsub, boring-registry, crossplane-provider-aws-emr, newrelic-k8s-metadata-injection-fips, amazon-eks-ami-fips, prometheus-redis-exporter-fips, crossplane-provider-aws-iot, stakater-reloader,...
GHSA-FF52-PH69-CF7X vulnerabilities
Vulnerabilities for packages: scorecard, percona-server-mongodb-operator, rancher, step-issuer, gitaly, cue, gatus, neuvector-scanner, gostatsd, prometheus, govulncheck, kyverno-policy-reporter-kyverno-plugin, pluto, aws-flb-cloudwatch, x509-certificate-exporter, pulumi-kubernetes-operator, nucle...
CVE-2026-31589 vulnerabilities
Vulnerabilities for packages: linux-aws...
CVE-2026-42505 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-resizer-fips, sftpgo-plugin-pubsub, boring-registry, crossplane-provider-aws-emr, newrelic-k8s-metadata-injection-fips, amazon-eks-ami-fips, prometheus-redis-exporter-fips, crossplane-provider-aws-iot, stakater-reloader,...
CVE-2026-53226 vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
CVE-2026-53162 vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
CVE-2026-53151 vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
CVE-2026-53187 vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
CVE-2026-53179 vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
CVE-2026-53211 vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
GHSA-VCCQ-H5J4-92QR vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
GHSA-VG6G-9H68-878W vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
GHSA-VHJQ-V866-4C7F vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...
GHSA-FP35-JCPC-9WWG vulnerabilities
Vulnerabilities for packages: linux-qemu-melange, linux-qemu, linux-gcp, linux-azure, linux-aws, linux-vmware...