226 matches found
CVE-2023-51699
Fluid is an open source Kubernetes-native Distributed Dataset Orchestrator and Accelerator for data-intensive applications. An OS command injection vulnerability within the Fluid project's JuicefsRuntime can potentially allow an authenticated user, who has the authority to create or update the K8...
CVE-2021-28381
The vhs aka VHS: Fluid ViewHelpers extension before 5.1.1 for TYPO3 allows SQL injection via isLanguageViewHelper...
CVE-2020-15241
TYPO3 Fluid Engine package typo3fluid/fluid before versions 2.0.5, 2.1.4, 2.2.1, 2.3.5, 2.4.1, 2.5.5 or 2.6.1 is vulnerable to cross-site scripting when making use of the ternary conditional operator in templates like showFullName ? fullName : defaultValue. Updated versions of this package are...
CVE-2016-10975
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has reflected XSS via the skin parameter...
CVE-2020-26216
TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting. Three XSS vulnerabilities have been detected in Fluid: 1. TagBasedViewHelper allowed XSS through maliciously crafted additionalAttributes arrays by creating keys with...
MAL-2024-11980 Malicious code in fluid-renderer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c91755cc441a577f7a891af00b7ad8e1a9de715f40002af3df668be2b19d571 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fluid-renderer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c91755cc441a577f7a891af00b7ad8e1a9de715f40002af3df668be2b19d571 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fluid-tooltip (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5d371b6c8c7950311649323e234550b5c9c644c9a9e2aada8180962d6dab886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11167 Malicious code in fluid-tooltip (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5d371b6c8c7950311649323e234550b5c9c644c9a9e2aada8180962d6dab886 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-31172
Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of10::StatsReplyTable::unpack. This issue affects libfluid: 0.1.0...
CVE-2024-31165
Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::SetFieldAction::unpack. This issue affects libfluid: 0.1.0...
PT-2024-23830 · Open Networking Foundation · Libfluid
Name of the Vulnerable Software and Affected Versions: libfluid version 0.1.0 Description: The issue is an Out-of-bounds Read vulnerability in the Open Networking Foundation ONF libfluid, specifically in the libfluid msg module. It is associated with the program routine fluid...
PT-2024-23828 · Open Networking Foundation · Libfluid
Name of the Vulnerable Software and Affected Versions: libfluid version 0.1.0 Description: The issue is an Out-of-bounds Read vulnerability in the Open Networking Foundation ONF libfluid, specifically in the libfluid msg module. It is associated with the program routine fluid...
libfluid 安全漏洞
libfluid is an Open Networking Foundation open source application. A programmatic denial of service vulnerability exists in the libfluid fluidmsg::ActionList::unpack10 example, which can be exploited by an attacker to cause a denial of service...
PT-2024-20173 · Open Networking Foundation · Libfluid
Name of the Vulnerable Software and Affected Versions: libfluid version 0.1.0 Description: The issue is related to an Unchecked Return Value to NULL Pointer Dereference vulnerability in the libfluid msg module of the Open Networking Foundation ONF libfluid. This vulnerability is associated with t...
libfluid 安全漏洞
libfluid is an Open Networking open source application. A security vulnerability exists in libfluid that stems from the fact that the fluidmsg::of10::Port: unpack routine contains an exception abort...
libfluid 安全漏洞
libfluid is an Open Networking open source application. A security vulnerability exists in libfluid that stems from the fact that the fluidmsg::of13::InstructionSet::unpack routine contains a null pointer dereference vulnerability caused by an unchecked return value...
PT-2024-23836 · Open Networking Foundation · Libfluid
Name of the Vulnerable Software and Affected Versions: libfluid version 0.1.0 Description: The issue is an Out-of-bounds Read vulnerability in the Open Networking Foundation ONF libfluid, specifically in the libfluid msg module. It is associated with the program routine fluid...
GO-2023-1763 On a compromised node, the fluid-csi service account can be used to modify node specs in github.com/fluid-cloudnative/fluid
On a compromised node, the fluid-csi service account can be used to modify node specs in github.com/fluid-cloudnative/fluid...
Microsoft Fluid Framework prague Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Fluid Framework. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Fluid Framework. When installed from the official Microsof...