AZL-79628 CVE-2026-27137 affecting package golang 1.26.0-1

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...

AZL-79613 CVE-2026-27137 affecting package golang 1.25.7-1

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...

CVE-2026-27137 Incorrect enforcement of email constraints in crypto/x509

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...

CVE-2026-27137

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...

CVE-2026-27137

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered...

StoreFront Displays Incorrect Username

When there are multiple users with the same log on name in different domains, StoreFront displays incorrect name. For example, if the domain names are domain1\jdoe and domain2\jdoe for John Doe in domain 1 and Jane Doe in domain 2, StoreFront displays the incorrect display name when the user from...

golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect...

UBUNTU-CVE-2023-45289

When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a...

UPM Profile Gets Corrupt If Users With Same SAM Account Name In Different Domains Login

UPM profile gets corrupt if users with same SAM Account name in different domains login to the same VDA. Issue is seen with 1912 LTSR CU5 and above and 2203 LTSR CU1 and above. USER1.DomainA.com logson a VDA and then User1.DomainB.com logs on the same VDA then the local profile of user1.Domain A...

PT-2021-19859 · Helm +1 · Helm +1

Name of the Vulnerable Software and Affected Versions: Helm versions prior to 3.6.1 Description: A vulnerability exists in Helm where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This issue occurs...

CVE-2020-26077

A vulnerability in the access control functionality of Cisco IoT Field Network Director FND could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. The vulnerability is due to improper access control. An attacker could...

Cross site scripting

Cross-site scripting XSS vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains...

CVE-2011-2461

Cross-site scripting XSS vulnerability in the Adobe Flex SDK 3.x and 4.x before 4.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the loading of modules from different domains...