Lucene search
+L

37 matches found

redhat
redhat
added 2026/06/29 9:2 a.m.2 views

tomcat: Apache Tomcat: Misleading security logs due to incorrect control flow

A flaw was found in Apache Tomcat. Due to an always-incorrect control flow implementation, special roles and empty authorization constraints were not accurately included when the effective web.xml configuration was logged. This could lead to a security oversight where administrators might...

9.1CVSS6AI score0.00368EPSS
Exploits0References5
redhat
redhat
added 2026/06/24 5:15 p.m.5 views

Apache Tomcat: Apache Tomcat: Incorrect control flow in rewrite valve allows unexpected rule processing

A flaw was found in Apache Tomcat's rewrite valve. This vulnerability involves an incorrect control flow implementation where, during the processing of rewrite rules, if the first condition in an OR chain matched, subsequent non-OR conditions were unexpectedly skipped. This can lead to unintended...

7.3CVSS6.1AI score0.00413EPSS
Exploits0References5
redhat
redhat
added 2026/06/24 5:15 p.m.2 views

tomcat: Apache Tomcat: Misleading security logs due to incorrect control flow

A flaw was found in Apache Tomcat. Due to an always-incorrect control flow implementation, special roles and empty authorization constraints were not accurately included when the effective web.xml configuration was logged. This could lead to a security oversight where administrators might...

9.1CVSS6AI score0.00368EPSS
Exploits0References5
ibm
ibm
added 2026/06/03 7:21 a.m.15 views

Security Bulletin: IBM Maximo Application Suite uses once-2.0.0.tgz which is vulnerable to CVE-2026-3449

Summary IBM Maximo Application Suite uses once-2.0.0.tgz which is vulnerable to CVE-2026-3449. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-3449 DESCRIPTION: Versions of the package @tootallnate/once before 3.0.1 are vulnerab...

4.8CVSS5.8AI score0.00112EPSS
Exploits0Affected Software1
ptsecurity
ptsecurity
added 2026/04/20 12:0 a.m.9 views

PT-2026-33714

Name of the Vulnerable Software and Affected Versions lm-sys fastchat versions prior to 0.2.37 Description Remote Code Execution is possible in the Arena Side-by-Side View Handler component via the add text function. Manipulation of this function results in incorrect control flow, allowing an...

6.9CVSS6.2AI score0.00308EPSS
Exploits0References15
redos
redos
added 2026/04/14 12:0 a.m.9 views

ROS-20260414-73-0025

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00152EPSS
Exploits0
redos
redos
added 2026/04/14 12:0 a.m.8 views

ROS-20260414-73-0028

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00143EPSS
Exploits0
redos
redos
added 2026/04/14 12:0 a.m.9 views

ROS-20260414-73-0010

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00143EPSS
Exploits0
redos
redos
added 2026/04/14 12:0 a.m.8 views

ROS-20260414-73-0009

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00146EPSS
Exploits0
redos
redos
added 2026/04/14 12:0 a.m.9 views

ROS-20260414-73-0008

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00145EPSS
Exploits0
snyk
snyk
added 2026/04/03 3:26 a.m.8 views

Always-Incorrect Control Flow Implementation

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Always-Incorrect Control Flow Implementation via the onboarding process. An attacker can obtain gateway credentials by leveraging a scenario where a previously discovered endpoint persist...

6.9CVSS5.9AI score0.00252EPSS
Exploits0References2
github
github
added 2026/03/03 6:31 a.m.6 views

@tootallnate/once vulnerable to Incorrect Control Flow Scoping

Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...

4.8CVSS5.9AI score0.00112EPSS
Exploits0References6Affected Software1
osv
osv
added 2026/03/03 6:31 a.m.4 views

GHSA-VPQ2-C234-7XJ6 @tootallnate/once vulnerable to Incorrect Control Flow Scoping

Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...

4.8CVSS5.9AI score0.00112EPSS
Exploits0References6
cvelist
cvelist
added 2026/03/03 5:0 a.m.34 views

CVE-2026-3449

Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This...

4.8CVSS0.00112EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/03/03 12:0 a.m.7 views

PT-2026-22719

Name of the Vulnerable Software and Affected Versions @tootallnate/once versions prior to 3.0.1 Description The package @tootallnate/once versions prior to 3.0.1 are susceptible to an issue with incorrect control flow scoping in promise resolving when the AbortSignal option is utilized. When the...

4.8CVSS5.9AI score0.00112EPSS
Exploits0References19
snyk
snyk
added 2026/02/02 10:3 p.m.4 views

Incorrect Control Flow Scoping

Overview Affected versions of this package are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then usage to hang indefinitely. This can cause a...

4.8CVSS5.8AI score0.00112EPSS
Exploits0References2
redos
redos
added 2026/01/28 12:0 a.m.6 views

ROS-20260128-73-0052

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.9AI score0.00169EPSS
Exploits0
redos
redos
added 2026/01/28 12:0 a.m.6 views

ROS-20260128-73-0040

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.9AI score0.00164EPSS
Exploits0
redos
redos
added 2026/01/28 12:0 a.m.5 views

ROS-20260128-73-0041

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

5.5CVSS5.9AI score0.00164EPSS
Exploits0
redos
redos
added 2026/01/12 12:0 a.m.6 views

ROS-20260112-7301

Vulnerability in kernel-lt related to implementation of incorrect control flow. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

6.7AI score0.00176EPSS
Exploits0
Rows per page
Query Builder