AZL-34463 CVE-2024-25629 affecting package python-gevent for versions less than 21.1.2-3

c-ares is a C library for asynchronous DNS requests. aresreadline is used to parse local configuration files such as /etc/resolv.conf, /etc/nsswitch.conf, the HOSTALIASES file, and if using a c-ares version prior to 1.27.0, the /etc/hosts file. If any of these configuration files has an embedded...

PT-2024-1920 · C-Ares +9 · C-Ares +9

Name of the Vulnerable Software and Affected Versions: c-ares versions prior to 1.27.0 Description: The issue is related to the ares read line function in the c-ares library, which is used for asynchronous DNS requests. This function parses local configuration files such as /etc/resolv.conf,...

PT-2023-31775 · WordPress · Forminator

Name of the Vulnerable Software and Affected Versions: Forminator WordPress plugin versions prior to 1.27.0 Description: The issue arises from improper sanitization of the redirect-url field in form submission settings. This could allow high-privilege users, such as administrators, to inject...

ToolJet 资源管理错误漏洞

ToolJet is an extensible, low-code framework for building business applications from ToolJet.A denial-of-service vulnerability exists in ToolJet prior to version 1.27.0, which stems from improper handling of file size limits. An attacker could exploit this vulnerability to cause site downtime...