102 matches found
Astra Linux - уязвимость в containerd
Containerd is an open-source container runtime. Prior to versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where no limit was applied could cause a denial of service. This bug ha...
Server-side Request Forgery (SSRF)
Overview apostrophe is a content management system CMS for Node.js. It supports in-context editing, schema-driven content types, flexible widgets and a great deal more. This module contains everything necessary to build a website with ApostropheCMS. Affected versions of this package are vulnerabl...
PT-2026-41154
Summary ApostropheCMS contains an authenticated server-side request forgery SSRF in the rich-text widget import flow. An authenticated user who can submit/edit rich-text widget content can cause the server to fetch attacker-controlled URLs during widget validation. For image-compatible responses,...
CVE-2026-35527
A flaw was found in Incus, an open-source container and virtual machine manager. An authenticated user can exploit this vulnerability by supplying a malicious URL during the image import process. Before project restrictions are applied, Incus makes a blind HEAD request to the user-supplied URL,...
SUSE CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527 Incus blind SSRF via image import preflight HEAD request
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527
Incus (pre-7.0.0) is vulnerable to a blind SSRF via image import preflight HEAD requests. An authenticated user can coerce the daemon to issue a host-originated HEAD request to a user-supplied URL before policy checks complete, exposing server metadata in headers (Incus-Server-Architectures, Incu...
CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
CVE-2026-35527 Incus blind SSRF via image import preflight HEAD request
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
Incus 代码问题漏洞
Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 7.0.0 contained code vulnerabilities. These vulnerabilities stemmed from the image import process sending an outbound HEAD request to the URL provided to users before verifying project restriction...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the imgPostURLInfo function. An attacker can cause the server to initiate outbound HTTP HEAD requests to arbitrary endpoints by supplying a crafted URL during the image import preflight stage. This c...
Incus has Blind SSRF via Image Import Preflight HEAD
Summary A partial implementation of our restricted.images.servers project restriction allows users in such restricted projects to still cause Incus to send HEAD requests to arbitrary endpoints. The actual image download will be rejected by the project restriction, but the ability to trigger...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the imgPostURLInfo function. An attacker can cause the server to initiate outbound HTTP HEAD requests to arbitrary endpoints by supplying a crafted URL during the image import preflight stage. This c...
GHSA-8GW4-P4WQ-4HCV Incus has Blind SSRF via Image Import Preflight HEAD
Summary A partial implementation of our restricted.images.servers project restriction allows users in such restricted projects to still cause Incus to send HEAD requests to arbitrary endpoints. The actual image download will be rejected by the project restriction, but the ability to trigger...
PT-2026-37097
Name of the Vulnerable Software and Affected Versions Incus versions prior to 7.0.0 Description An authenticated user can cause the daemon to make blind outbound HEAD requests to arbitrary destinations. This occurs because the image import flow issues a request to a user-supplied URL via the...
USN-8199-1 glance vulnerabilities
Martin Kaesberger discovered that OpenStack Glance's image processing could return the contents of arbitrary files. An attacker could possibly use this issue to exfiltrate sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2024-32498 Hyeongeun Ji and Abhishek Keka...
GHSA-MC26-Q38V-83GV OpenStack Glance is affected by Server-Side Request Forgery (SSRF)
OpenStack Glance versions = 30.0.0 30.1.1, == 31.0.0 are affected by Server-Side Request Forgery SSRF. By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only the glance image import functionality is affected. In particular, the...
EUVD-2026-17323
OpenStack Glance =30.0.0 30.1.1, ==31.0.0 is affected by Server-Side Request Forgery SSRF. By use of HTTP redirects, an authenticated user can bypass URL validation checks and redirect to internal services. Only glance image import functionality is affected. In particular, the web-download and...