
19 matches found

CVE
added 2026/03/12 6:37 p.m., 10 views

CVE-2026-32236

CVE-2026-32236 affects the Backstage npm package @backstage/plugin-auth-backend. The SSRF flaw occurs in the CIMD metadata fetch when auth.experimentalClientIdMetadataDocuments.enabled is true: the initial client_id hostname is validated against private IP ranges, but this validation isn’t enforc...

CVSS 7.5, AI score 5.8, EPSS 0.00047
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2026/03/12 6:37 p.m., 0 views

CVE-2026-32236 @backstage/plugin-auth-backend: SSRF in experimental CIMD metadata fetch

Backstage is an open framework for building developer portals. Prior to 0.27.1, a Server-Side Request Forgery (SSRF) vulnerability exists in @backstage/plugin-auth-backend when auth.experimentalClientIdMetadataDocuments.enabled is set to true. The CIMD metadata fetch validates the initial clientid...

CVSS 6.3, AI score 5.8, EPSS 0.00047
Exploits: 0, References: 2
Snyk
added 2026/03/12 2:51 p.m., 2 views

Server-side Request Forgery (SSRF)

Overview: @backstage/plugin-auth-backend is a Backstage backend plugin that handles authentication. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the CIMD metadata fetch when the auth.experimentalClientIdMetadataDocuments.enabled setting is enabled. An...

CVSS 6.3, AI score 5.8, EPSS 0.00047
Exploits: 0, References: 2
EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2013-2430

Malware in sbrugna...

CVSS 3.3, AI score 7.3, EPSS 0.01419
Exploits: 0, References: 12
Tenable Nessus
added 2014/06/13 12:0 a.m., 35 views

openSUSE Security Update : wireshark (openSUSE-SU-2013:0494-1)

wireshark was updated to 1.8.6 bnc807942 + vulnerabilities fixed: - The TCP dissector could crash. wnpa-sec-2013-10 CVE-2013-2475 - The HART/IP dissector could go into an infinite loop. wnpa-sec-2013-11 CVE-2013-2476 - The CSN.1 dissector could crash. wnpa-sec-2013-12 CVE-2013-2477 - The MS-MMS...

CVSS 7.8, AI score 6.2, EPSS 0.03616
Exploits: 0, References: 17
Tenable Nessus
added 2013/04/29 12:0 a.m., 29 views

SuSE 10 Security Update : wireshark (ZYPP Patch Number 8500)

wireshark has been updated to 1.6.14 to fix bugs and security issues : Vulnerabilities fixed : - The sFlow dissector could go into an infinite loop. wnpa-sec-2012-32 CVE-2012-6054: The SCTP dissector could go into an infinite loop. wnpa-sec-2012-33 CVE-2012-6056: The MS-MMS dissector could crash...

CVSS 7.8, AI score 6.1, EPSS 0.03616
Exploits: 0, References: 32
Tenable Nessus
added 2013/04/29 12:0 a.m., 31 views

SuSE 11.2 Security Update : wireshark (SAT Patch Number 7490)

wireshark has been updated to 1.8.6 which fixes bugs and security issues. Vulnerabilities fixed: - The TCP dissector could crash. wnpa-sec-2013-10. CVE-2013-2475 - The HART/IP dissector could go into an infinite loop. wnpa-sec-2013-11. CVE-2013-2476 - The CSN.1 dissector could crash...

CVSS 7.8, AI score 6.1, EPSS 0.03616
Exploits: 0, References: 29
Tenable Nessus
added 2013/03/15 12:0 a.m., 25 views

Debian DSA-2644-1 : wireshark - several vulnerabilities

Multiple vulnerabilities were discovered in the dissectors for the MS-MMS, RTPS, RTPS2, Mount, ACN, CIMD and DTLS protocols, which could result in denial of service or the execution of arbitrary code.

CVSS 5, AI score 7.6, EPSS 0.03616
Exploits: 0, References: 8
Tenable Nessus
added 2013/03/13 12:0 a.m., 39 views

Wireshark 1.8.x < 1.8.6 Multiple Vulnerabilities

The installed version of Wireshark 1.8 is earlier than 1.8.6. It is, therefore, affected by the following vulnerabilities : - Errors exist in the CSN.1, CIMD, DTLS, Mount, MS-MMS, RTPS, RTPS2, and TCP dissectors that could allow them to crash. Bugs 8274, 8332, 8335, 8346, 8380, 8382 - Errors exis...

CVSS 7.8, AI score 6.6, EPSS 0.03616
Exploits: 0, References: 28
OpenVAS
added 2013/03/11 12:0 a.m., 21 views

Wireshark Multiple Dissector Multiple DoS Vulnerabilities - March 13 (Mac OS X)

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities.

CVSS 6.1, AI score 6, EPSS 0.03616
Exploits: 0, References: 3
OSV
added 2013/03/07 3:55 p.m., 1 views

DEBIAN-CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 7, EPSS 0.01419
Exploits: 0, References: 1
NVD
added 2013/03/07 3:55 p.m., 15 views

CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 6.3, EPSS 0.01419
Exploits: 0, References: 9
OSV
added 2013/03/07 3:55 p.m., 3 views

CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

AI score 6.3
Exploits: 0, References: 9
Prion
added 2013/03/07 3:55 p.m., 18 views

Code injection

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 6.9, EPSS 0.01419
Exploits: 0, References: 9, Affected Software: 3
OSV
added 2013/03/07 3:55 p.m., 0 views

UBUNTU-CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 7.1, EPSS 0.01419
Exploits: 0, References: 6
UbuntuCve
added 2013/03/07 3:55 p.m., 23 views

CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 7.1, EPSS 0.01419
Exploits: 0, References: 5
CVE
added 2013/03/07 3:0 p.m., 66 views

CVE-2013-2484

Vulnerability: CVE-2013-2484 in Wireshark CIMD dissector. Affected software: Wireshark 1.6.x (before 1.6.14) and 1.8.x (before 1.8.6). Root cause/impact: A malformed CIMD protocol packet can cause the Wireshark application to crash, enabling a remote attacker to trigger a denial of service throug...

CVSS 3.3, AI score 6.3, EPSS 0.01419
Exploits: 0, References: 9, Affected Software: 2
Cvelist
added 2013/03/07 3:0 p.m., 20 views

CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

AI score 6.2, EPSS 0.01419
Exploits: 0, References: 9
Debian CVE
added 2013/03/07 3:0 p.m., 20 views

CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 4.8, EPSS 0.01419
Exploits: 0