16 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix for the debugfs directory leak The ULPI per-device debugfs root is named after the parent of the ulpi device. However, ulpiunregisterinterface attempts to remove a debugfs directory named after the ulpi device...
CLSA-2026-1777377545 sudo: Fix of 3 CVEs
CVE-2021-23239: fix potential directory existence info leak in sudoedit - CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...
GLPI 10.0.18 Log Exposure Probe Script Directory Leak Detection
This Python script is designed to assess a GLPI application for potential information disclosure vulnerabilities, specifically focusing on exposed log files and sensitive directories...
CVE-2022-49525 media: cx25821: Fix the warning when removing the module
In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get the following warning: 14.746697 removeprocentry: removing non-empty directory 'irq/21', leaking at least 'cx258211' 14.747449 WARNING...
kernel: usb: ulpi: Fix debugfs directory leak
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpiunregisterinterface tries to remove a debugfs directory named after the ulpi device itself. This results in t...
CVE-2024-26919
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpiunregisterinterface tries to remove a debugfs directory named after the ulpi device itself. This results in t...
DEBIAN-CVE-2024-26919
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpiunregisterinterface tries to remove a debugfs directory named after the ulpi device itself. This results in t...
CVE-2024-26919
CVE-2024-26919 : In the Linux kernel, the USB ULPI driver had a debugfs directory leak due to a naming mismatch: the ULPI per-device debugfs root was created using the parent device name, while ulpi_unregister_interface attempted to remove a directory named after the ULPI device itself. This caus...
StaticFile.fromUrl can leak presence of a directory
Impact StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a directory, without first checking the...
GHSA-6H7W-FC84-X7P6 StaticFile.fromUrl can leak presence of a directory
Impact StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a directory, without first checking the...
CVE-2021-32643
Http4s is a Scala interface for HTTP services. StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a...
CVE-2021-32643
The CVE-2021-32643 issue affects http4s (Scala HTTP services) where StaticFile.fromUrl can reveal the existence of a server directory when the URL scheme is not file://. If url.getFile is a directory, a non-file URL could yield a 404 that leaks directory presence, without exposing contents or met...
undertow: Information leak in requests for directories without trailing slashes
undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api...
OpenJDK: directory information leak via file chooser (Swing, 8055304)
An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...
OpenJDK: directory information leak via file chooser (Swing, 8055304)
An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...
OpenJDK: directory information leak via file chooser (Swing, 8055304)
An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...