18 matches found

NVD
added 2026/01/21 11:15 p.m., 1 view

CVE-2026-24047

Backstage is an open framework for building developer portals, and @backstage/cli-common provides config loading functionality used by the backend and command line interface of Backstage. Prior to version 0.1.17, the resolveSafeChildPath utility function in @backstage/backend-plugin-api, which is...

CVSS 6.3, EPSS 0.00025
Exploits: 0, References: 2
Github Security Blog
added 2026/01/21 10:40 p.m., 7 views

@backstage/cli-common has a possible `resolveSafeChildPath` Symlink Chain Bypass

Impact: The resolveSafeChildPath utility function in @backstage/backend-plugin-api, which is used to prevent path traversal attacks, failed to properly validate symlink chains and dangling symlinks. An attacker could bypass the path validation by: 1. Symlink chains: Creating link1 → link2 → /outsi...

CVSS 6.3, AI score 5.6, EPSS 0.00025
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2026/01/21 10:40 p.m., 3 views

GHSA-2P49-45HJ-7MC9 @backstage/cli-common has a possible `resolveSafeChildPath` Symlink Chain Bypass

Impact: The resolveSafeChildPath utility function in @backstage/backend-plugin-api, which is used to prevent path traversal attacks, failed to properly validate symlink chains and dangling symlinks. An attacker could bypass the path validation by: 1. Symlink chains: Creating link1 → link2 → /outsi...

CVSS 6.3, AI score 5.6, EPSS 0.00025
Exploits: 0, References: 4
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-18394

Malware in sbrugna...

CVSS 6.8, AI score 6.5, EPSS 0.03382
Exploits: 1, References: 11
SUSE CVE
added 2023/10/31 2:41 a.m., 2 views

SUSE CVE-2017-9461

smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks...

CVSS 6.5, AI score 6.5, EPSS 0.03382
Exploits: 1, References: 2
Oracle linux
added 2022/05/17 12:0 a.m., 68 views

samba security, bug fix, and enhancement update

4.15.5-5 - resolves: rhbz2064325 - Fix 'create krb5 conf = yes' when a KDC has a single IP address. 4.15.5-4 - resolves: rhbz2057503 - Fix winbind kerberos ticket refresh 4.15.5-3 - related: rhbz1979959 - Fix typo in testparm output 4.15.5-2 - resolves: rhbz1979959 - Improve idmap autorid sanity...

CVSS 9, AI score 0.8, EPSS 0.35695
Exploits: 2
OSV
added 2021/08/19 12:44 p.m., 10 views

SUSE-SU-2021:2777-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: - Upgrade to version 10.17: - CVE-2021-32027: Fixed integer overflows in array subscripting calculations bsc1185924. - CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON CONFLICT ... UPDATE target lists bsc1185925. - Don't u...

CVSS 8.8, AI score 7.5, EPSS 0.00641
Exploits: 0, References: 9
RedHat Linux
added 2017/09/21 4:16 a.m., 3 views

samba: fd_open_atomic infinite loop due to wrong handling of dangling symlinks

A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory...

CVSS 6.8, AI score 5.7, EPSS 0.03382
Exploits: 1, References: 4
Cent OS
added 2017/08/24 1:41 a.m., 81 views

ctdb, libsmbclient, libwbclient, samba security update

CentOS Errata and Security Advisory CESA-2017:1950 An update for samba is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

CVSS 6.8, AI score 6.6, EPSS 0.03382
Exploits: 1, References: 7
RedHat Linux
added 2017/08/01 2:9 p.m., 2 views

samba: fd_open_atomic infinite loop due to wrong handling of dangling symlinks

A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory...

CVSS 6.8, AI score 5.7, EPSS 0.03382
Exploits: 1, References: 4
RedHat Linux
added 2017/08/01 7:46 a.m., 2 views

samba: fd_open_atomic infinite loop due to wrong handling of dangling symlinks

A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory...

CVSS 6.8, AI score 5.7, EPSS 0.03382
Exploits: 1, References: 4
OSV
added 2017/07/05 5:53 p.m., 1 view

USN-3348-1 samba vulnerability

It was discovered that Samba incorrectly handled dangling symlinks. A remote attacker could possibly use this issue to cause Samba to hang, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-9461 In addition, this update fixes a regression...

CVSS 6.8, AI score 6.8, EPSS 0.03382
Exploits: 1, References: 2
RedhatCVE
added 2017/06/07 9:37 a.m., 34 views

CVE-2017-9461

A flaw was found in the way Samba handled dangling symlinks. An authenticated malicious Samba client could use this flaw to cause the smbd daemon to enter an infinite loop and use an excessive amount of CPU and memory...

CVSS 6.8, AI score 0.7, EPSS 0.03382
Exploits: 1, References: 1
Prion
added 2017/06/06 9:29 p.m., 22 views

Denial of service

smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks...

CVSS 6.8, AI score 6.7, EPSS 0.03382
Exploits: 1, References: 8, Affected Software: 8
OSV
added 2017/06/06 9:29 p.m., 30 views

CVE-2017-9461

smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks...

CVSS 6.5, AI score 6.5
Exploits: 0, References: 8
OSV
added 2017/06/06 9:29 p.m., 1 view

DEBIAN-CVE-2017-9461

smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks...

CVSS 6.5, AI score 6.3, EPSS 0.03382
Exploits: 1, References: 1
OSV
added 2017/06/06 12:0 a.m., 0 views

UBUNTU-CVE-2017-9461

smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks...

CVSS 6.5, AI score 6.8, EPSS 0.03382
Exploits: 1, References: 3
Tenable Nessus
added 2015/05/20 12:0 a.m., 23 views

SUSE SLED12 Security Update : libreoffice (SUSE-SU-2014:1729-1)

This libreoffice update fixes the following security and non security issues : - Version bump to 4.3.5 release : - Various small fixes - Fix for CVE-2014-9093 bnc907636 - Remove dangling symlinks from previous versions bnc884942 Note that Tenable Network Security has extracted the preceding...

CVSS 7.5, AI score 6.6, EPSS 0.0327
Exploits: 0, References: 5