NFC: digital: Bounds check NFC-A cascade depth in SDD response handler

...

CVE-2023-45725

Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: list show rewrite update An attacker can leak the session component using an HTML-like output, insert t...

BIT-COUCHDB-2023-45725 Apache CouchDB, IBM Cloudant: Privilege Escalation Using _design Documents

Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: list show rewrite update An attacker can leak the session component using an HTML-like output,...

CVE-2023-45725

Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: list show rewrite update An attacker can leak the session component using an HTML-like output,...

CVE-2023-45725

Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: list show rewrite update An attacker can leak the session component using an HTML-like output,...

CVE-2023-45725

CVE-2023-45725 is a vulnerability affecting IBM Planning Analytics Local (IBM Planning Analytics Workspace) 2.1 and 2.0. It concerns design document functions that receive a user HTTP request object, which may expose authorization or session cookie headers. The attack, as described, requires the ...

Apache CouchDB Information Disclosure Vulnerability

Apache CouchDB is the United States Apache Apache Foundation's use of Erlang development of a document-oriented database system. An information disclosure vulnerability exists in Apache CouchDB, which stems from the fact that design documents with matching document IDs from databases on the same...

CVE-2023-26268 Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes

Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...

couchdb -- information sharing via couchjs processes

Nick Vatamane reports: Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using various design document functions...

The toLocked.end >= fromLocked.end in delegate function is inconsistent with design.

Lines of code Vulnerability details Impact The condition of toLocked.end = fromLocked.end in function delegate is inconsistent with design in veFDT Checkpoint Math Proof of Concept In VotingEscrow.sol. L589 requiretoLocked.end = fromLocked.end, "Only delegate to longer lock"; But In veFDT...