4 matches found
PT-2026-4315
Name of the Vulnerable Software and Affected Versions container versions prior to 0.8.0 containerization versions prior to 0.21.0 Description The ArchiveReader.extractContents function, utilized by cctl image load and container image load, lacks proper pathname validation during archive extractio...
qwik 代码注入漏洞
qwik is a micro web framework. A code injection vulnerability exists in versions prior to qwik 0.21.0. An attacker could exploit this vulnerability to perform a code injection attack...
PT-2023-32945 · Httparty +3 · Httparty +3
Name of the Vulnerable Software and Affected Versions: httparty versions prior to 0.21.0 Description: A remote and unauthenticated attacker can provide a crafted filename parameter during multipart/form-data uploads, which could result in attacker-controlled filenames being written. This issue is...
CVE-2020-26571
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in scpkcs15emugemsafeGPKinit...