254 matches found
tornado: Tornado Quadratic DoS via Crafted Multipart Parameters
A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values,...
tornado: Tornado Quadratic DoS via Crafted Multipart Parameters
A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values,...
tornado: Tornado Quadratic DoS via Crafted Multipart Parameters
A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values,...
tornado: Tornado Quadratic DoS via Crafted Multipart Parameters
A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values,...
SUSE-SU-2026:20238-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header bsc1257440. - CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer...
SUSE-SU-2026:20339-1 Security update for libsoup
This update for libsoup fixes the following issues: - CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header bsc1257440. - CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer...
AZL-76370 CVE-2026-1536 affecting package libsoup for versions less than 3.4.4-12
A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...
CVE-2026-1536
A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...
UBUNTU-CVE-2026-1536
A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...
CVE-2026-1536
CVE-2026-1536 refers to a flaw in the libsoup HTTP library where an attacker able to control the Content-Disposition header input can inject CRLF sequences. This results in arbitrary HTTP header injection or HTTP response splitting without authentication. The connected IBM ACE bulletin documents ...
CVE-2026-1536 Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header
A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the upload arbitrary files. An attacker can execute arbitrary scripts in the context of another user's browser by uploading malicious HTML or SVG files that are then rendered from the same domain as the...
CVE-2026-23499 Saleor vulnerable to stored XSS via Unrestricted File Upload
Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...
CVE-2026-23499
CVE-2026-23499 affects Saleor prior to fixes: versions 3.20.108, 3.21.43, and 3.22.27 contain a file-upload vulnerability allowing authenticated staff or Apps to upload arbitrary HTML/SVG files. If media is served from the same domain as the dashboard and Content-Disposition: attachment header is...
EUVD-2026-3775
Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...
CVE-2026-23499 Saleor vulnerable to stored XSS via Unrestricted File Upload
Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...
CVE-2026-23499
Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...
tornado: Tornado Quadratic DoS via Crafted Multipart Parameters
A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values,...
PT-2026-3867
Saleor is an e-commerce platform. Starting in version 3.0.0 and prior to versions 3.20.108, 3.21.43, and 3.22.27, Saleor allowed authenticated staff users or Apps to upload arbitrary files, including malicious HTML and SVG files containing Javascript. Depending on the deployment strategy, these...
MiracleLinux 3 : lftp-3.7.11-4.AXS3.3 (AXSA:2010-400:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2010-400:01 advisory. LFTP is a sophisticated ftp/http file transfer program. Like bash, it has job control and uses the readline library for input. It has bookmarks, built-in...