5 matches found
Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.25 bug fix and security update
Red Hat OpenShift Container Platform release 4.20.25 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...
Important: nodejs20
Issue Overview: A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named proto and the application accesses req.headersDistinct. When this occurs, dest"proto" resolves to Object.prototype rather than undefined, causing .push to be called ...
CVE-2025-55130
A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...
Uncontrolled Recursion
Overview protobuf is a Google’s data interchange format Affected versions of this package are vulnerable to Uncontrolled Recursion when parsing untrusted Protocol Buffers data containing an excessive number of recursive groups, recursive messages, or a series of SGROUP tags. An attacker can provi...
Arista Networks Extensible Operating System 安全漏洞
Arista Networks Extensible Operating System EOS is a scalable operating system for next-generation data center and cloud solutions from Arista Networks, Inc. in the United States. A security vulnerability exists in the Arista Networks Extensible Operating System that stems from specially crafted...