CLSA-2026-1777541087 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

CLSA-2026-1777480298 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

CLSA-2026-1777042487 Fix CVE(s): CVE-2026-34980

SECURITY UPDATE: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job. - debian/patches/CVE-2026-34980.patch: filter out control characters from IPP option values in scheduler/job.c and filter out special PPD keywords in the CUPSDLOGPPD bran...

Parse Server 安全漏洞

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were security vulnerabilities in versions of Parse Server prior to 8.6.12 and 9.5.1-alpha.1. These vulnerabilities stemmed from logical flaws in the...

py-ormar -- vulnerabilities

https://github.com/ormar-orm/ormar/security/advisories reports: SQL Injection in aggregate functions min and max Pydantic Validation Bypass via pkonly and excluded Kwargs Injection in Model Constructor...

CVE-2022-41878

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers. This will result in the...

CVE-2024-6038 ReDoS Vulnerability in gaizhenbiao/chuanhuchatgpt

A Regular Expression Denial of Service ReDoS vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the filterhistory function within the utils.py module. This function takes a user-provided keyword and attempts to match it against chat history...

CVE-2022-41878

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers. This will result in the...

CVE-2022-41878 Parse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers. This will result in the...

CVE-2022-41878 Parse Server Prototype pollution and Injection via Cloud Code Webhooks or Cloud Code Triggers

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.2 or 4.10.19, keywords that are specified in the Parse Server option requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers. This will result in the...

CVE-2022-41878

Parse Server contains a prototype pollution vulnerability (CVE-2022-41878) where keywords defined in the requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers, allowing them to be saved to the database and bypass the denylist. Affected versions are prior to 4.10.19 or 5.3.2; ...

PT-2022-26110

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 4.10.19 Parse Server versions prior to 5.3.2 Description The issue allows keywords specified in the requestKeywordDenylist option to be injected via Cloud Code Webhooks or Triggers, resulting in the keyword being...

xycms manage_book.php page parameters keyword injection vulnerability

No description provided by source...