4 matches found
Admidio security vulnerability
Admidio is an open-source member management system developed by the Admidio team. It supports features such as member lists, event management, message boards, photo albums, and downloads. Admidio versions 5.0.6 and earlier have security vulnerabilities. These vulnerabilities st...
Malicious code in proto-trust-metadata-api (RubyGems)
Source: ossf-package-analysis b87774d0bcfbcd33d81c38f3c6d26c986559b07bc1e15717164022afe4de346c The OpenSSF Package Analysis project identified 'proto-trust-metadata-api' @ 99.99.99 rubygems as malicious. It is considered malicious because:...
GHSA-77HH-43CM-V8J6 tuf's Metadata API: Targets.get_delegated_role() is missing input validation
The security of both TUF client and repository implementations depends on the concept of trusted Metadata objects verifying the signatures over other Metadata that they delegate to. This verification process uses Targets.get_delegated_role(delegated_role: str) to find the delegation information...
SUSE CVE-2022-23451
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data,...