6 matches found
fugit security vulnerability
fugit is a floraison open source time tool for Ruby, rufus-scheduler and flor. A security vulnerability exists in versions of fugit prior to 1.11.1, which stems from improper user input length checking, and may result in a thread being occupied for an extended period of time without being able to...
AZL-39749 CVE-2024-22189 affecting package coredns for versions less than 1.11.1-2
quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its peer to run out of memory by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a...
AZL-34944 CVE-2023-48795 affecting package libssh2 for versions less than 1.11.1-1
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...
DataGear cross-site scripting vulnerability
DataGear is an open source and free data visualization and analysis platform from DataGear, Inc. A cross-site scripting vulnerability exists in versions of DataGear prior to 1.11.1, which stems from an issue with the component Graph Dataset Handler that can lead to cross-site scripting...
CVE-2022-25838
Laravel Fortify before 1.11.1 allows reuse within a short time window, thus calling into question the "OT" part of the "TOTP" concept...
PT-2020-15250 · Kata Containers · Kata Containers
Name of the Vulnerable Software and Affected Versions:
Kata Containers versions prior to 1.11.1
Kata Containers versions prior to 1.10.5
Kata Containers version 1.9 and earlier
Description: A malicious guest compromised before a container creation, such as a malicious guest image or a guest runni...