dify 安全漏洞

Dify is an open-source LLM application development platform developed by LangGenius. Versions of Dify prior to 1.13.1 contained a security vulnerability. This vulnerability stemmed from insufficient authorization checks in the DELETE /console/api/installed-apps//conversations/ method, which could...

Sylius 跨站脚本漏洞

Sylius is an open source e-commerce platform based on the Symfony framework from the Polish company Sylius. A cross-site scripting vulnerability exists in Sylius versions 1.12.16 and prior to 1.13.1, which can be exploited to execute javascript code in the admin panel...

Judge0 CE 安全漏洞

Judge0 CE is an open source online code execution system from Judge0 Open Source. A security vulnerability exists in Judge0 CE versions prior to 1.13.1, which originates from an application using UNIX commands on untrusted files inside the sandbox, and can be exploited by an attacker to create...

libvpx Security Vulnerabilities

libvpx is a library. A security vulnerability exists in versions prior to libvpx 1.13.1 that stems from incorrectly handling widths, causing a crash related to coding...

HashiCorp Vault 安全漏洞

HashiCorp Vault is a private key access management tool from the US-based HashiCorp. A security vulnerability exists in HashiCorp Vault versions prior to 1.13.1, prior to 1.12.5, and prior to 1.11.9, which originates from a mounted issuer endpoint that can delete an issuer or modify issuer...

vega-util input validation error vulnerability

vega-util is a JavaScript utility program for Vega. The program provides a function generator, type checker, log messages, and more. An input validation error vulnerability exists in versions of vega-util prior to 1.13.1. The vulnerability stems from a networked system or product that does not...

UBUNTU-CVE-2019-16276

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling...