3 matches found
EUVD-2026-41131
NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedT...
Security Bulletin: Vulnerability in Apache Log4j affects IBM Db2® Warehouse (CVE-2021-44228)
Summary Apache Log4j open source library used by IBM® Db2® Warehouse is affected by a vulnerability that could allow a remote attacker to execute arbitrary code on the system. This library is used by the Db2 Federation feature. Vulnerability Details CVEID: CVE-2021-44228 DESCRIPTION: Apache Log4j...
Security update 1970-01-01
...