EUVD-2025-21025

Malicious code in bioql PyPI...

CVE-2025-53542

Headlamp is an extensible Kubernetes web UI. A command injection vulnerability was discovered in the codeSign.js script used in the macOS packaging workflow of the Kubernetes Headlamp project. This issue arises due to the improper use of Node.js's execSync function with unsanitized input derived...

CVE-2025-53542 Kubernetes Headlamp Allows Arbitrary Command Injection in macOS Process headlamp@codeSign

Headlamp is an extensible Kubernetes web UI. A command injection vulnerability was discovered in the codeSign.js script used in the macOS packaging workflow of the Kubernetes Headlamp project. This issue arises due to the improper use of Node.js's execSync function with unsanitized input derived...

CVE-2025-53542

CVE-2025-53542 affects Headlamp, an extensible Kubernetes web UI. The vulnerability is a command injection in the macOS packaging workflow (codeSign.js) caused by using Node.js execSync() with unsanitized environment-derived input (teamID, entitlementsPath, config.app) passed to the shell without...

PT-2025-29128 · Headlamp · Headlamp

Name of the Vulnerable Software and Affected Versions: Headlamp versions prior to 0.31.1 Description: Headlamp is an extensible Kubernetes web UI. A command injection issue exists in the codeSign.js script used during the macOS packaging workflow. This is due to the improper use of the execSync...

OPENSUSE-SU-2021:0893-1 Security update for htmldoc

This update for htmldoc fixes the following issues: htmldoc was updated to version 1.9.12 Fixed buffer-overflow CVE-2021-20308 boo1184424 Fixed a crash bug with 'data:' URIs and EPUB output Fixed several other crash bugs Fixed JPEG error handling Fixed some minor issues Removed the bundled libjpe...