614 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005537)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005537 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: check if leafidx greater than num leaves per dmap tree syzbot report a out of bounds in...
CLEANSTART-2026-XZ04425 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the prometheus-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-KK99760 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-VZ85637 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
CLEANSTART-2026-IG94553 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details...
BIT-COSIGN-2026-24122 Cosign Certificate Chain Expiry Validation Issue Allows Issuing Certificate Expiry to Be Overlooked
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
SUSE CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
CVE-2026-27120
Leaf-kit (templating library for Swift) before version 1.4.1 is vulnerable to HTML escaping bypass via extended grapheme clusters in htmlEscaped(), enabling potential XSS in attribute contexts when user-controlled variables are interpolated. The root cause is that htmlEscaped escapes only when th...
CVE-2026-27120 Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster
Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...
CVE-2026-27120 Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster
Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...
CVE-2026-27120 Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster
Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character a...
CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
DEBIAN-CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
CVE-2026-24122
Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...
Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster
Summary htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character and some additional characters. In the case of html attributes, this c...
Improper Neutralization of Equivalent Special Elements
Overview vapor/leaf-kit is an an expressive, performant, and extensible templating language built for Swift. Affected versions of this package are vulnerable to Improper Neutralization of Equivalent Special Elements in the htmlEscaped function. An attacker can inject malicious HTML or JavaScript...
GHSA-4HFH-FCH3-5Q7P Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster
Summary htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character and some additional characters. In the case of html attributes, this c...
PT-2026-20982
Name of the Vulnerable Software and Affected Versions Leafkit versions prior to 1.4.1 Description Leafkit’s htmlEscaped function inadequately escapes HTML special characters when dealing with extended grapheme clusters. This occurs because the function only escapes characters if the extended...