8 matches found
CoreDNS 安全漏洞
CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.2 contained a security vulnerability. This vulnerability stemmed from a logical flaw in the default execution order of plugins, which could lead to bypassing DNS access controls...
AZL-42331 CVE-2024-3727 affecting package skopeo for versions less than 1.14.2-4
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...
PT-2023-26893 · Cilium · Cilium
Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.14.2 Cilium versions prior to 1.13.7 Cilium versions prior to 1.12.14 Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update po...
SUSE CVE-2020-12603
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small i.e. 1 byte data frames...
AZL-36945 CVE-2021-37714 affecting package jsoup 1.11.3-4
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...
Github jsoup 安全漏洞
Github jsoup is a Java library for working with real-world HTML. A security vulnerability exists in Github jsoup versions prior to 1.14.2 that can lead to a denial of service in jsoup...
Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2020-03708)
Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.13.x before 1.13.5 and version 1.14.x before 1.14.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...
Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2020-03709)
Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.13.x before 1.13.5 and version 1.14.x before 1.14.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...