libheif 缓冲区错误漏洞

LibHEIF is a open-source decoder and encoder for the ISO/IEC 23008-12:2017 HEIF file format developed by Struktur. Versions of LibHEIF prior to 1.21.2 contain a buffer error vulnerability. This vulnerability stems from excessive heap buffer reading in the HeifPixelImage::overlay function, where a...

CVE-2025-68945

In Gitea before 1.21.2, an anonymous user can visit a private user's project...

CVE-2025-68945

The CVE-2025-68945 issue affects Gitea prior to 1.21.2, where an anonymous user could visit a private user’s project, potentially exposing project details. Connected advisories (OSV entries and vendor/go-sources) confirm the vulnerability in Gitea’s routing layers (e.g., routers/api/v1 and router...

PT-2025-53447

Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.21.2 Description An anonymous user can access a private user's project. Recommendations Update to version 1.21.2 or later...

AZL-53235 CVE-2024-10524 affecting package wget for versions less than 1.21.2-4

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host...