2 matches found
CVE-2026-42351
pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, a raw string path concatenation vulnerability in pygeoapi's STAC FileSystemProvider plugin can allow for requests to STAC collection based collections to expose directories...
The vulnerability of the Openstack Cinder block storage service lies in its reliance on files and directories accessible from external parties, allowing an attacker to expose protected information.
The vulnerability of the Openstack Cinder block storage service is related to the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose the protected information...