87 matches found
Design/Logic Flaw
OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. Using File.createTempFile in JDK will result in creating and using insecure temporary files that can leave application and system data...
CVE-2021-21430
OpenAPI Generator contains a vulnerability where code generated for Java/Scala performs insecure temporary file creation via File.createTempFile, risking exposure of application/data when handling binary uploads/downloads. Affected generators include Java (jersey2, okhttp-gson default) and scala-...
CVE-2021-21428
OpenAPI Generator is a Java tool which allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec. openapi-generator-online creates insecure temporary folders with File.createTempFile during the code generation...
CVE-2021-21428
CVE-2021-21428 affects the OpenAPI Generator project. The issue originates in the openapi-generator-online component, where temporary folders/files were created using File.createTempFile, allowing other users on the same system to read and potentially modify the auto-generated files. Root cause d...
CVE-2021-21429
OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using File.createTempFile in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to...
SUSE: Security Advisory (SUSE-SU-2016:2505-1)
The remote host is missing an update for the...
Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to a remote code execution vulnerability (CVE-2020-4682)
Summary: An issue was found within the IBM MQ Java and JMS client libraries that could allow an attacker to execute a remote code execution attack through the IBM MQ Java and JMS client libraries in an Integration Server image. Vulnerability Details: CVEID: CVE-2020-4682. DESCRIPTION: IBM MQ 7.5, 8....
Security Bulletin: IBM MQ is vulnerable to a remote code execution vulnerability (CVE-2020-4682)
Summary: An issue was found within the IBM MQ Java and JMS client libraries that could allow an attacker to execute a remote code execution attack. Vulnerability Details: CVEID: CVE-2020-4682. DESCRIPTION: IBM MQ could allow a remote attacker to execute arbitrary code on the system, caused by an...
[SECURITY] Fedora 32 Update: spice-gtk-0.39-1.fc32
Client libraries for SPICE desktop servers...
[SECURITY] Fedora 33 Update: spice-gtk-0.39-1.fc33
Client libraries for SPICE desktop servers...
Buffer Overflow
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Denial Of Service (DoS)
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Buffer Overflow
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Memory Corruption
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Denial Of Service (DoS)
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Denial Of Service (DoS)
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Integer Overflow
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Integer Overflow
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
Integer Overflows
The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...
SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP
SSRF protocol smuggling involves an attacker injecting one TCP protocol into a dissimilar TCP protocol. A classic example is using gopher (i.e. the first protocol) to smuggle SMTP (i.e. the second protocol):...