6 matches found
BIT-SEAWEEDFS-2026-54917 SeaweedFS: Path traversal in the S3 and Iceberg REST gateways allows cross-bucket access
SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...
CVE-2026-54917
SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...
Exploit for CVE-2024-7954
RCECVE-2024-7954- The porteplume plugin used by SPIP before...
Cpanel::JSON::XS Security Vulnerability
Cpanel::JSON::XS is a tool for converting Perl data structures to JSON. A security vulnerability exists in the Cpanel::JSON::XS package prior to version 4.33 that could allow an attacker to obtain sensitive information or cause a denial of service DOS...
PT-2023-32753
Name of the Vulnerable Software and Affected Versions huggingface/transformers versions prior to 4.36.0 Description The issue is related to the deserialization of untrusted data in the huggingface/transformers GitHub repository. Recommendations For versions prior to 4.36.0, update to version 4.36...
UBUNTU-CVE-2014-3480
The cdfcountchain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service application crash via a crafted CDF file...