Lucene search
+L

14 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.6 views

SUSE SLES15 Security Update : apptainer (SUSE-SU-2026:2609-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2609-1 advisory. This update for apptainer fixes the following issues - CVE-2026-24137: github.com/sigstore/sigstore/pkg/tuf: legacy TUF client allows for...

10CVSS7.2AI score0.01557EPSS
Exploits1References46
CVE
CVE
added 2026/06/08 12:58 p.m.29 views

CVE-2026-49233

CVE-2026-49233 affects Routinator. The issue is improper validation of the module component in rsync URIs used to construct cache filesystem paths, enabling path traversal through a module name containing ‘..’. This could grant an attacker access to the entire Routinator rsync cache. The connecte...

8.3CVSS5.4AI score0.00433EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.14 views

PT-2026-44160

Name of the Vulnerable Software and Affected Versions compliance-trestle version 4.0.2 Description The remote fetching cache mechanism in the HTTPSFetcher and SFTPFetcher classes fails to sanitize path traversal sequences ../ when constructing local cache file paths from URL path components. An...

7.1CVSS6.3AI score0.00047EPSS
Exploits0References9
Amazon
Amazon
added 2026/04/01 12:0 a.m.8 views

Medium: runfinch-finch

Issue Overview: Fulcio is a certificate authority for issuing code signing certificates for an OpenID Connect OIDC identity. Prior to 1.8.5, Fulcio's metaRegex function uses unanchored regex, allowing attackers to bypass MetaIssuer URL validation and trigger SSRF to arbitrary internal services...

7.5CVSS6.9AI score0.00728EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2026/01/23 12:4 a.m.5 views

CVE-2026-24137

sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client pkg/tuf/client.go supports caching target files to disk. It constructs a filesystem path by joining a cache base directory with a target name sourced from...

5.8CVSS5.5AI score0.0037EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/01/22 8:28 p.m.7 views

GHSA-FCV2-XGW5-PQXF sigstore legacy TUF client allows for arbitrary file writes with target cache path traversal

Summary The legacy TUF client pkg/tuf/client.go, which supports caching target files to disk, constructs a filesystem path by joining a cache base directory with a target name sourced from signed target metadata, but it does not validate that the resulting path stays within the cache base...

5.8CVSS5.8AI score0.0037EPSS
Exploits0References6
OSV
OSV
added 2025/07/23 12:46 p.m.5 views

SUSE-SU-2025:02499-1 Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 - CVE-2024-38824: Fixed directory...

9.6CVSS6.7AI score0.00982EPSS
Exploits0References26
SUSE Linux
SUSE Linux
added 2025/07/23 12:45 p.m.8 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:44 p.m.7 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:44 p.m.7 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:43 p.m.6 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:43 p.m.7 views

Security update 5.0.5 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...

9.6CVSS7.6AI score0.00982EPSS
Exploits0References52
SUSE Linux
SUSE Linux
added 2025/07/23 12:41 p.m.8 views

Security update 5.0.5 for Multi-Linux Manager Client Tools

This update fixes the following issues: salt: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal vulnerability in...

9.6CVSS7.5AI score0.00982EPSS
Exploits0References74
OSV
OSV
added 2024/06/27 7:15 a.m.13 views

UBUNTU-CVE-2024-22231

Syndic cache directory creation is vulnerable to a directory traversal attack in salt project which can lead a malicious attacker to create an arbitrary directory on a Salt master...

5CVSS5.9AI score0.00693EPSS
Exploits0References3
Rows per page
Query Builder