Lucene search
K

8 matches found

CNNVD
CNNVD
added 2026/03/06 12:0 a.m.11 views

CoreDNS 安全漏洞

CoreDNS is a DNS server within the CoreDNS community. Versions of CoreDNS prior to 1.14.2 contained a security vulnerability. This vulnerability stemmed from a logical flaw in the default execution order of plugins, which could lead to bypassing DNS access controls...

7.7CVSS7.4AI score0.00376EPSS
Exploits0References3
OSV
OSV
added 2024/05/14 3:42 p.m.2 views

AZL-42331 CVE-2024-3727 affecting package skopeo for versions less than 1.14.2-4

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks...

8.3CVSS6.6AI score0.01279EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/26 12:0 a.m.3 views

PT-2023-26893 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.14.2 Cilium versions prior to 1.13.7 Cilium versions prior to 1.12.14 Description: Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update po...

9CVSS6.8AI score0.0046EPSS
Exploits1References18
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.2 views

SUSE CVE-2020-12603

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small i.e. 1 byte data frames...

7.5CVSS7.9AI score0.01448EPSS
Exploits0References10
OSV
OSV
added 2021/08/18 3:15 p.m.5 views

AZL-36945 CVE-2021-37714 affecting package jsoup 1.11.3-4

jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop indefinitely until...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/18 12:0 a.m.0 views

Github jsoup 安全漏洞

Github jsoup is a Java library for working with real-world HTML. A security vulnerability exists in Github jsoup versions prior to 1.14.2 that can lead to a denial of service in jsoup...

7.5CVSS6.7AI score0.06873EPSS
Exploits0References41
CNVD
CNVD
added 2019/12/19 12:0 a.m.4 views

Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2020-03708)

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.13.x before 1.13.5 and version 1.14.x before 1.14.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...

4.8CVSS6.4AI score0.00552EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/19 12:0 a.m.3 views

Backdrop CMS Cross-Site Scripting Vulnerability (CNVD-2020-03709)

Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS version 1.13.x before 1.13.5 and version 1.14.x before 1.14.2. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker...

4.8CVSS6.4AI score0.00552EPSS
Exploits0References1
Rows per page
Query Builder