268 matches found
CVE-2026-55878
The CVE-2026-55878 issue affects Symfony UX Toolkit. Affected: Symfony UX versions 2.32.0–2.36.0 and 3.0.0–3.1.x (pre-2.36.1/3.2.0). The ux:install console command copies files from a recipe kit using paths listed in copy-files; because Path::isRelative() treats paths like ../../../etc as relativ...
CVE-2026-55078 Coder: Zip upload decompression lacks aggregate size limit, enabling denial of service
Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, POST /api/v2/files converts zip uploads to tar in memory via CreateTarFromZip, which enforced a per-entry size limit but no...
CVE-2026-14468
HashiCorp Terraform Enterprise contained an issue in its version control system VCS ingestion of registry modules that did not correctly enforce the intended boundary on packaged module content. This may allow an authenticated user to include files from outside the intended repository content in ...
ROOT-OS-DEBIAN-13-CVE-2026-23070 CVE-2026-23070 in rootio-linux - Patched by Root
Root has patched CVE-2026-23070 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-71077 CVE-2025-71077 in rootio-linux - Patched by Root
Root has patched CVE-2025-71077 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-40099 CVE-2025-40099 in rootio-linux - Patched by Root
Root has patched CVE-2025-40099 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-39966 CVE-2025-39966 in rootio-linux - Patched by Root
Root has patched CVE-2025-39966 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23378 CVE-2026-23378 in rootio-linux - Patched by Root
Root has patched CVE-2026-23378 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-UBUNTU-2204-CVE-2026-53237 CVE-2026-53237 in rootio-linux - Patched by Root
Root has patched CVE-2026-53237 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-43439 CVE-2026-43439 in rootio-linux - Patched by Root
Root has patched CVE-2026-43439 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-22120 CVE-2025-22120 in rootio-linux - Patched by Root
Root has patched CVE-2025-22120 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38574 CVE-2025-38574 in rootio-linux - Patched by Root
Root has patched CVE-2025-38574 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-23242 CVE-2026-23242 in rootio-linux - Patched by Root
Root has patched CVE-2026-23242 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2025-37949 CVE-2025-37949 in rootio-linux - Patched by Root
Root has patched CVE-2025-37949 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2026-43318 CVE-2026-43318 in rootio-linux - Patched by Root
Root has patched CVE-2026-43318 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-37982 CVE-2025-37982 in rootio-linux - Patched by Root
Root has patched CVE-2025-37982 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2025-39873 CVE-2025-39873 in rootio-linux - Patched by Root
Root has patched CVE-2025-39873 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
BIT-ENVOY-2026-47205 Envoy: ext_authz Use-After-Free during Stream Teardown with Per-Route Overrides
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free UAF vulnerability leading to a sudden segmentation fault exists in Envoy's extauthz HTTP filter when processing per-route authorization overrides...
CVE-2026-53404 Apache Tomcat: Bad ornext processing in RewriteValve
Always-Incorrect Control Flow Implementation vulnerability in Apache Tomcat's rewrite valve meant that if the first condition in an OR chain matched, subsequent non-OR conditions were skipped. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1 through 10.1.55, from...
ROOT-APP-NPM-CVE-2023-44270 CVE-2023-44270 in @rootio/postcss - Patched by Root
Root has patched CVE-2023-44270 in the @rootio/postcss package for Root:npm. Multiple fixed versions available...