CVE-2023-36816
2FAuth is a Web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Cross site scripting (XSS) injection can be done via the account/service field. This was tested in docker-compose environment. This vulnerability has been patched in version 4.0.3...
Cross site scripting
2FAuth is a Web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Cross site scripting (XSS) injection can be done via the account/service field. This was tested in docker-compose environment. This vulnerability has been patched in version 4.0.3...
CVE-2023-36816 Cross-Site Scripting (XSS) at Account creation in 2FAuth
2FAuth is a Web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Cross site scripting (XSS) injection can be done via the account/service field. This was tested in docker-compose environment. This vulnerability has been patched in version 4.0.3...
Critical Photon OS Security Update - PHSA-2023-4.0-0417
Updates of 'protobuf', 'ntp', 'binutils-aarch64-linux-gnu', 'libXi', 'nodejs', 'kube-bench', 'libtiff', 'libarchive', 'docker-compose', 'binutils', 'bindutils', 'samba-client' packages of Photon OS have been released...
This Week in Spring - June 27th, 2023
Hi Spring fans! Welcome to another installment of This Week in Spring! This week I am in Seoul talking to developers about the latest-and-greatest in Spring Boot 3! There's so much great stuff coming, and so much great stuff already. There are a few things I'm super excited about. First, yesterda...
Important Photon OS Security Update - PHSA-2023-3.0-0604
Updates of 'binutils', 'docker-compose' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2023-5.0-0038
Updates of 'docker-compose' packages of Photon OS have been released...
Docker Compose Support in Spring Boot 3.1
Docker Compose support in Spring Boot 3.1 builds on top of the ConnectionDetails abstraction, which we've featured in a separate blog post. If you haven't already read it, please do so before reading this post. Docker Compose "is a tool for defining and running multi-container Docker applications...
Spring Boot 3.1's ConnectionDetails abstraction
If you've used Spring Boot for a while, you're probably familiar with setting up connection details using properties. For example, you may have used spring.datasource.url to configure a JDBC connection. In Spring Boot 3.1 this continues to work as you'd expect, but we've changed things a bit unde...
CVE-2023-33979
gpt_academic provides a graphical interface for ChatGPT/GLM. A vulnerability was found in gpt_academic 3.37 and prior. This issue affects some unknown processing of the component Configuration File Handler. The manipulation of the argument file leads to information disclosure. Since no sensitive...
Information disclosure
gpt_academic provides a graphical interface for ChatGPT/GLM. A vulnerability was found in gpt_academic 3.37 and prior. This issue affects some unknown processing of the component Configuration File Handler. The manipulation of the argument file leads to information disclosure. Since no sensitive...
CVE-2023-33979 gpt_academic's Configuration File vulnerable to File Information Disclosure
gpt_academic provides a graphical interface for ChatGPT/GLM. A vulnerability was found in gpt_academic 3.37 and prior. This issue affects some unknown processing of the component Configuration File Handler. The manipulation of the argument file leads to information disclosure. Since no sensitive...
CVE-2023-33979
The CVE-2023-33979 issue affects gpt_academic (3.37 and earlier), where improper handling of the Configuration File Handler allows manipulation of the file argument resulting in information disclosure. Read access via the /file route can leak sensitive information from working directories, partic...
This Week in Spring - May 16th 2023
My friends, Spring Boot 3.1 is nearly upon us! It drops on 18 May, in just a few short days! There are a ton of amazing features in this new release and I hope you're already trying it out you know where. Here are some of my favorite features: Built in Docker Compose support - Have a...
Mutagen Security Vulnerability
Mutagen is a new remote development tool that enables your existing local tools to work with code in remote environments such as cloud servers and containers. A security vulnerability exists in Mutagen versions prior to 0.16.6, 0.17.1, and mutagen-compose prior to 0.17.1, which stems from the...
PT-2023-22999 · Mutagen +1 · Mutagen +1
Name of the Vulnerable Software and Affected Versions: Mutagen versions prior to 0.16.6; Mutagen versions prior to 0.17.1; mutagen-compose versions prior to 0.17.1. Description: The issue affects Mutagen's list and monitor commands, making them susceptible to control characters provided by remote...
[SECURITY] Fedora 37 Update: rubygem-actionmailer-7.0.4.3-1.fc37
Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments...