15 matches found
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the FX expression parser. An attacker can cause the application to crash by supplying a deeply nested expression. Remediation A fix was pushed into the master branch but not yet published. References - GitHub...
Uncontrolled Recursion
Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the DestroyXMLTree function. An attacker can cause the application to exhaust stack memory and terminate unexpectedly by submitting an XML file with deeply nested structures. Remediation A fix was pushed into t...
Buffer Over-read
Overview Affected versions of this package are vulnerable to Buffer Over-read in the MatchDomainName function during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. An attacker can cause a crash by supplying a crafted hostname that exhausts the entire string, resulting ...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the dolayersurface process when pixel index values from decoded XCF tile data are used directly as colormap indices without validation against the colormap size. An attacker can cause heap out-of-bounds reads and...
Server-side Request Forgery (SSRF)
Overview prompts.chat is a Developer toolkit for AI prompts - build, validate, parse, and connect to prompts.chat Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Wiro media-generate plugin. An attacker can access internal network resources and exfiltra...
Use of Uninitialized Resource
Overview Affected versions of this package are vulnerable to Use of Uninitialized Resource in the zipfileInflate function of the zipfile extension. An attacker can access sensitive heap memory contents by supplying a specially crafted ZIP file. Remediation Upgrade sqlite3 to version 3.51.3 or...
XML Entity Expansion (Billion Laughs)
Overview Affected versions of this package are vulnerable to XML Entity Expansion Billion Laughs when parsing of custom XML entities in DOCTYPE. An attacker can cause the application to consume excessive memory by submitting malicious SVG files containing recursive entity references. Workaround F...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the identityTriggerType function in the pfcpreports.go file. An attacker can cause a denial of service by sending specially crafted requests that trigger a null pointer dereference. Remediation Upgrade...
CRLF Injection
Overview Affected versions of this package are vulnerable to CRLF Injection via the Host header processing when an HTTP proxy is configured. An attacker can cause unintended or unauthorized HTTP requests to be forwarded by injecting additional HTTP headers or request bodies by supplying specially...
Integer Overflow or Wraparound
Overview org.webjars.npm:node-forge is a WebJar for node-forge. Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the derToOid function in the asn1.js file, which decodes ASN.1 structures containing OIDs with oversized arcs. An attacker can bypass security...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to an improper fix for CVE-2025-6507. An attacker can execute arbitrary code and access unauthorized system files by injecting malicious parameters that bypass regular expression filters by adding...
Relative Path Traversal
Overview Affected versions of this package are vulnerable to Relative Path Traversal due to improper validation of user-supplied paths in router.go. An attacker can access sensitive files on the server by crafting requests with directory traversal sequences in the URL path. Remediation A fix was...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the SplitRTR function in the rtr.go file, which allows access to data without checking the input length. An attacker can cause a denial of service by sending specially crafted input. Remediation Upgrade...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the gdkpixbuf process. An attacker can cause a denial of service by sending specially crafted image files that trigger a heap buffer overflow. Remediation Upgrade gdk-pixbuf to version 2.44.4 or higher. Reference...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the PackLinuxElf64::unDTINIT function in plxelf.cpp. An attacker can trigger a segfault with malicious input. Remediation A fix was pushed into the master branch but not yet published. References - GitHub...