12 matches found
EUVD-2019-0073
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1002150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2019-17109
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation. CVE-2019-17109 Note that Nessus relies on the presence of the packag...
CVE-2018-1002150
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1...
the-new-hotness (=0.13.0) potentially affected by CVE-2024-9427 via koji (=1.20.1)
koji PYPI version =1.20.1 is affected by a known vulnerability. The following packages have a transitive dependency on koji and may be impacted: - the-new-hotness =0.13.0 Source cves: CVE-2024-9427 Source advisory: OSV:GHSA-G2VG-8HFG-79VJ...
GHSA-G2VG-8HFG-79VJ Koji Cross-site Scripting
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code...
Koji Cross-site Scripting
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code...
CVE-2024-9427
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code...
UBUNTU-CVE-2024-9427
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code...
CVE-2024-9427 Koji: escape html tag characters in the query string
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able to submit an action or make a change in Koji due to existing XSS protections in the code...
GHSA-VWP5-W4RQ-G4CC Koji blacklisted paths workaround
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission...
CVE-2019-17109
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation...