5 matches found
CVE-2026-25229
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have a broken access control vulnerability which allows authenticated users with write access to any repository to modify labels belonging to other repositories. The UpdateLabel function in the Web UI...
CVE-2025-59047 matrix-sdk-base has panic in the `RoomMember::normalized_power_level()` method
matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t...
Class Pollution
Overview mesop is a Build UIs in Python Affected versions of this package are vulnerable to Class Pollution in the recursiveupdatedataclassfromjsonobj function, which doesn't raise an exception for dunder properties. An attacker can cause denial of service by overwriting these elements, leading t...
CVE-2024-53856
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...
CVE-2024-53856
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1...