Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.10 views

CVE-2026-41732

JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Additionally, an empty trusted-packages configuration fell back to trusting all packages rather than applying a safe default...

8.1CVSS5.4AI score0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 11:49 p.m.32 views

CVE-2026-41732 In Spring for Apache Pulsar, overly broad trusted-package matching in header mapper exposes JDK classes to deserialization

JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Additionally, an empty trusted-packages configuration fell back to trusting all packages rather than applying a safe default...

8.1CVSS0.00347EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-48328

Name of the Vulnerable Software and Affected Versions Spring for Apache Pulsar versions 1.1.0 through 1.1.17 Spring for Apache Pulsar versions 1.2.0 through 1.2.17 Spring for Apache Pulsar versions 2.0.0 through 2.0.5 Description JsonPulsarHeaderMapper uses a prefix check to match type headers...

8.1CVSS5.8AI score0.00347EPSS
Exploits0References5
Veeam
Veeam
added 2021/02/25 12:0 a.m.16 views

Veeam Service Provider Console Plugin for ConnectWise Automate opens empty configuration in ConnectWise Automate Control Center

Challenge After successfully installing the Veeam Service Provider Console Plugin for ConnectWise Automate, the Integration tab for Veeam Service Provider Console displays no data. Cause Lack of permissions for account used to log in to ConnectWise Automate and coexistence of 2 plugins: Veeam...

6.9AI score
Exploits0Affected Software1
OSV
OSV
added 2020/05/13 6:15 p.m.2 views

DEBIAN-CVE-2020-12831

An issue was discovered in FRRouting FRR aka Free Range Routing through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some...

5.3CVSS6.6AI score0.01397EPSS
Exploits1References1
Rows per page
Query Builder