
9 matches found

Snyk
added 2026/06/15 5:14 p.m., 9 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the inputSourceMap function. An attacker can access arbitrary files by crafting malicious input source code containing a sourceMappingURL comment that references a specific source map file path. Note: This is onl...

CVSS 3.6, AI score 6.1, EPSS 0.00116
Exploits: 0, References: 2
Github Security Blog
added 2026/06/15 5:14 p.m., 93 views

@babel/core: Arbitrary File Read via sourceMappingURL Comment

Impact: Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if these conditions are all true: - the attacker controls the input source code - the attacker can read the output source code - the attacker knows the...

CVSS 3.6, AI score 5.3, EPSS 0.00116
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2026/06/15 5:14 p.m., 38 views

GHSA-4X5R-PXFX-6JF8 @babel/core: Arbitrary File Read via sourceMappingURL Comment

Impact: Using @babel/core to compile maliciously crafted code can allow an attacker to read any source map from the system that is running Babel, if these conditions are all true: - the attacker controls the input source code - the attacker can read the output source code - the attacker knows the...

CVSS 3.2, AI score 5.4, EPSS 0.00116
Exploits: 0, References: 3
Vulnrichment
added 2026/03/06 7:14 a.m., 1 views

CVE-2026-29062 jackson-core: Nesting Depth Constraint Bypass in `UTF8DataInputJsonParser` potentially allowing Resource Exhaustion

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. From version 3.0.0 to before version 3.1.0, the UTF8DataInputJsonParser, which is used when parsing from a java.io.DataInput source, bypasses the maxNestingDepth constrai...

CVSS 8.7, AI score 5.7, EPSS 0.00552
Exploits: 0, References: 3
Citrix
added 2022/12/06 12:0 a.m., 9 views

Mac OS input source not synchronized correctly to remote applications or desktops

With Citrix Workspace app for Mac 2212 or previous version on Mac OS 13, you might encounter problems that client input sources cannot be synchronized correctly to your remote applications or desktops. For example, for Mac OS 13, the default English input source is English - ABC, while in the pas...

AI score 7.2
Exploits: 0
CNNVD
added 2021/09/24 12:0 a.m., 4 views

Apache Druid Security Vulnerability

A security vulnerability exists in Apache Druid, a column-oriented open source distributed database written in Java by the Apache Foundation, which stems from the fact that InputSource is used to read data from a data source in the Druid ingestion system. However, the HTTP InputSource allows an...

CVSS 6.5, AI score 6.5, EPSS 0.81038
Exploits: 3, References: 3
OSV
added 2021/01/12 6:15 p.m., 7 views

SUSE-SU-2021:0096-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027). - CVE-2020-0465: Fixed multiple missing bounds checks in...

CVSS 9.8, AI score 7.7, EPSS 0.01659
Exploits: 7, References: 118
OSV
added 2020/10/16 4:15 a.m., 11 views

CVE-2020-27173

In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input). This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all...

CVSS 7.5, AI score 6.8
Exploits: 0, References: 2
Cvelist
added 2020/10/16 3:58 a.m., 16 views

CVE-2020-27173

In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input). This behavior cannot be reproduced from the guest side. When no rate limiting is in place, the host can be subject to memory pressure, impacting all...

AI score 7.5, EPSS 0.01512
Exploits: 0, References: 2