@evomap/evolver: Path Traversal in `evolver fetch` default-branch `safeId` allows Hub-controlled overwrite of project files (RCE)

Summary The evolver fetch subcommand in index.js writes Hub-supplied bundledfiles into a directory derived from a Hub-supplied skillid. When --out is not used, the path-sanitizing regex permits . characters, allowing a skillid of .. to escape the skills/ subdirectory and resolve to the user's...

GHSA-9GCG-W975-3RJH Istio: AuthorizationPolicy serviceAccounts regex injection via unescaped dots

Impact The serviceAccounts and notServiceAccounts fields in AuthorizationPolicy incorrectly interpret dots . as a regular expression matcher. Because . is a valid character in a service account name, an AuthorizationPolicy ALLOW rule targeting SA e.g. cert-manager.io also matches cert-manager-io,...

Istio: AuthorizationPolicy serviceAccounts regex injection via unescaped dots

Impact The serviceAccounts and notServiceAccounts fields in AuthorizationPolicy incorrectly interpret dots . as a regular expression matcher. Because . is a valid character in a service account name, an AuthorizationPolicy ALLOW rule targeting SA e.g. cert-manager.io also matches cert-manager-io,...

CVE-2026-39350 Istio AuthorizationPolicy Incorrect Regex Matching of Dots in serviceAccounts Fields Allows Policy Bypass

Istio is an open platform to connect, manage, and secure microservices. In versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1, the serviceAccounts and notServiceAccounts fields in AuthorizationPolicy incorrectly interpret dots . as a regular expression matcher. Because . is...

GHSA-M7JM-9GC2-MPF2 fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names

Entity encoding bypass via regex injection in DOCTYPE entity names Summary A dot . in a DOCTYPE entity name is treated as a regex wildcard during entity replacement, allowing an attacker to shadow built-in XML entities , , &, ", ' with arbitrary values. This bypasses entity encoding and leads to...

EUVD-2022-2842

Malicious code in bioql PyPI...

CVE-2024-5755

In lunary-ai/lunary versions =v1.2.11, an attacker can bypass email validation by using a dot character '.' in the email address. This allows the creation of multiple accounts with essentially the same email address e.g., '[email protected]' and '[email protected]', leading to incorrect...

CVE-2024-5755 Email Validation Bypass in lunary-ai/lunary

In lunary-ai/lunary versions =v1.2.11, an attacker can bypass email validation by using a dot character '.' in the email address. This allows the creation of multiple accounts with essentially the same email address e.g., '[email protected]' and '[email protected]', leading to incorrect...

CVE-2021-31932

Nokia BTS TRS web console FTMW20FP22019.08.160010 allows Authentication Bypass. A malicious unauthenticated user can get access to all the functionalities exposed via the web panel, circumventing the authentication process, by using URL encoding for the . dot character...

Nokia BTS TRS web console 安全漏洞

Nokia BTS TRS web console is Nokia Transfer Module Authentication from Nokia Finland. A security vulnerability exists in the Nokia BTS TRS web console, which originates in the Nokia BTS TRS web console FTMW20FP22019.08.160010 version, that allows an unauthenticated, malicious user to bypass the...

CVE-2021-21682

Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Windows...

CVE-2011-1765

Cross-site scripting XSS vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction wit...

Cross site scripting

Cross-site scripting XSS vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? question mark in a query string,...

p5-libwww -- possibility to remote servers to create file with a .(dot) character

lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a .' dot character, which allows remote servers to create or overwrite files via a 3xx redirect to a URL with a crafted filename or a Content-Disposition header that suggests a crafted filename, and...