4 matches found
PT-2026-49096
Name of the Vulnerable Software and Affected Versions: glances, affected versions not specified
Description: The secure popen function in glances/secure.py improperly interprets shell-like operators, specifically file redirection, | pipe, and && command chaining, within command strings. When...
PT-2026-49094
Name of the Vulnerable Software and Affected Versions: Glances versions prior to 4.5.5
Description: The XML-RPC server (glances -s) contains a misconfiguration in its Cross-Origin Resource Sharing (CORS) implementation. When the cors origins variable is configured with more than one entry, the system...
PT-2026-49093
Name of the Vulnerable Software and Affected Versions: Glances versions prior to 4.5.5
Description: Insecure deserialization occurs in glances/outdated.py because the load cache function uses pickle.load to read a version-check cache file. This file is stored at predictable, world-accessible paths...
PT-2026-49095
Name of the Vulnerable Software and Affected Versions: Glances versions prior to 4.5.5
Description: The XML-RPC server implemented in glances/server.py and started with glances -s fails to validate the HTTP Host header. This allows a DNS rebinding attack, where an attacker can bypass the same-origi...