2112 matches found
CVE-2026-41684 Incus: Nil Dereferences on Restore via Malformed YAML
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid...
CVE-2026-41684
Summary of CVE-2026-41684 (Incus): An authenticated user who can import instance backups may crash the Incus daemon during restore when a crafted backup archive includes a valid inline backup/index.yaml but a malformed legacy backup.yaml that omits the container section. The vulnerability arises ...
CVE-2026-41684 Incus: Nil Dereferences on Restore via Malformed YAML
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid...
CVE-2026-41684
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid...
CVE-2026-41684
Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy backup/container/backup.yaml file if result.Config == nil. As a result, an archive can carry a valid...
Security update for python-Django
This update for python-Django fixes the following issues CVE-2026-3902: headers spoofing by exploiting an ambiguous mapping of two header variants in ASGIRequest requests bsc1261729. CVE-2026-4277: permissions on inline model instances were not validated on submission of forged POST data in...
SUSE-SU-2026:1740-1 Security update for python-Django
This update for python-Django fixes the following issues - CVE-2026-3902: headers spoofing by exploiting an ambiguous mapping of two header variants in ASGIRequest requests bsc1261729. - CVE-2026-4277: permissions on inline model instances were not validated on submission of forged POST data in...
FileBrowser Vulnerable to Stored XSS via SVG File in Public Share (Missing CSP Header)
Summary FileBrowser Quantum serves inline SVG files without a Content-Security-Policy header, allowing embedded JavaScript in SVG files to execute when accessed via public share links. Verified on v1.3.0-stable. Affected product - Product: FileBrowser Quantum gtsteffaniak/filebrowser - Verified...
GHSA-MMPX-JH39-WRV6 FileBrowser Vulnerable to Stored XSS via SVG File in Public Share (Missing CSP Header)
Summary FileBrowser Quantum serves inline SVG files without a Content-Security-Policy header, allowing embedded JavaScript in SVG files to execute when accessed via public share links. Verified on v1.3.0-stable. Affected product - Product: FileBrowser Quantum gtsteffaniak/filebrowser - Verified...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the GET /public/api/resources/download endpoint when serving SVG files without a proper Content Security Policy header. An attacker can execute arbitrary JavaScript in the context of users' browsers by...
SUSE CVE-2026-43075
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...
SUSE CVE-2026-43076
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
Netty Redis Codec Encoder has a CRLF Injection Issue
Security Vulnerability Report: CRLF Injection in Netty Redis Codec Encoder 1. Vulnerability Summary | Field | Value | |-------|-------| | Product | Netty | | Version | 4.2.12.Final and all prior versions with codec-redis | | Component | io.netty.handler.codec.redis.RedisEncoder | | Vulnerability...
EUVD-2026-27560
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...
EUVD-2026-27563
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43075
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...
CVE-2026-43076
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43076 ocfs2: validate inline data i_size during inode read
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43076
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...
CVE-2026-43076
The vulnerability CVE-2026-43076 affects the ocfs2 filesystem in the Linux kernel. When reading an inode from disk, ocfs2_validate_inode_block() did not validate the i_size of inline data against the inline data capacity (id_count). A corrupted filesystem could make i_size exceed id_count, causin...