6 matches found
EulerOS 2.0 SP9 : zstd (EulerOS-SA-2021-2286)
According to the versions of the zstd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with...
Persistent XSS in JIRA charting plugin Workload Pie Chart Report
The Workload Pie Chart Report included with the JIRA charting plugin contains a number of XSS vulnerabilities. This plugin is bundled with OnDemand. The configuration page contains an XSS vulnerability in custom field names. 1. Create a custom field with the name alert'custom field' 2. Try to...
Persistent XSS in JIRA charting plugin Workload Pie Chart Report
The Workload Pie Chart Report included with the JIRA charting plugin contains a number of XSS vulnerabilities. This plugin is bundled with OnDemand. The configuration page contains an XSS vulnerability in custom field names. 1. Create a custom field with the name alert'custom field' 2. Try to...
CVE-2010-0009
Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords...
Information disclosure
Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords...
CVE-2010-0009
Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords...