Lucene search
K

5 matches found

OSV
OSV
added 2026/06/26 7:58 a.m.3 views

OPENSUSE-SU-2026:21066-1 Security update for python-python-multipart

This update for python-python-multipart fixes the following issues - CVE-2026-53537: multipart/form-data with extended parameters can lead to file or parameter smuggling bsc1268506. - CVE-2026-53538: urlencoded requests containing semicolons can lead to form field smuggling bsc1268496. -...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References8
OSV
OSV
added 2026/06/26 7:58 a.m.2 views

SUSE-SU-2026:22372-1 Security update for python-python-multipart

This update for python-python-multipart fixes the following issues - CVE-2026-53537: multipart/form-data with extended parameters can lead to file or parameter smuggling bsc1268506. - CVE-2026-53538: urlencoded requests containing semicolons can lead to form field smuggling bsc1268496. -...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References9
OSV
OSV
added 2026/03/03 6:31 a.m.4 views

GHSA-VPQ2-C234-7XJ6 @tootallnate/once vulnerable to Incorrect Control Flow Scoping

Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...

4.8CVSS5.9AI score0.00112EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/02 6:48 p.m.6 views

malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability

Several extraction and scanning code paths registered late defers which could leak resources and exhaust system resources. This report is an aggregate of these individual reports for the affected code: Advisory | Affected File -- | -- GHSA-jjgh-mc5q-gch7 | pkg/action/scan.go GHSA-mwmf-fxh2-w4x7 |...

6AI score
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/01/15 12:0 a.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the processing of XML catalogs containing repeated elements. An attacker can cause excessive CPU consumption and degrade application availability by supplying specially crafted XM...

5.3CVSS5.8AI score0.00308EPSS
Exploits1References2
Rows per page
Query Builder