ROS-20250609-01

A vulnerability in the DOMDeserializer component of the FasterXML jackson-databind library is related to an incorrect restriction of XML links to external objects. Exploitation of the vulnerability could allow an attacker, acting remotely, to conduct XXE attacks...

The vulnerability of the ILIAS learning management system and support process, which stems from an incorrect restriction on the path to the restricted access catalog, allows a perpetrator to disclose protected information.

The vulnerability of the ILIAS learning management system and support process exists due to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose protected information through...

The vulnerability of the WebExtension component of the Firefox browser, related to an incorrect URI restriction that allows attackers to access confidential data

The vulnerability of the WebExtension component in the Firefox browser is related to an incorrect URI restriction. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data...