4 matches found
EUVD-2026-19736
pyload-ng: Authorization Bypass for SSL Certificate/Key Configuration Due to Option Name Mismatch in pyload-ng...
CVE-2026-35586
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the ADMINONLYCOREOPTIONS authorization set in setconfigvalue uses incorrect option names sslcert and sslkey, while the actual configuration option names are sslcertfile and sslkeyfile. This name mismatch...
SUSE CVE-2025-24976
Distribution is a toolkit to pack, ship, store, and deliver container content. Systems running registry versions 3.0.0-beta.1 through 3.0.0-rc.2 with token authentication enabled may be vulnerable to an issue in which token authentication allows an attacker to inject an untrusted signing key in a...
PT-2025-6252
Name of the Vulnerable Software and Affected Versions: Distribution versions 3.0.0-beta.1 through 3.0.0-rc.2 Description: The issue lies in how the JSON web key JWK verification is performed. When a JSON web token JWT contains a JWK header without a certificate chain, the code only checks if the...