28 matches found
CVE-2026-47676
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, app.mount strips the mount prefix from the incoming request path using the raw URL pathname, while route matching is performed against the percent-decoded path. This inconsistency causes the...
EUVD-2026-32437
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...
CVE-2026-46055
CVE-2026-46055 affects the Linux kernel AppArmor LSM. The issue is a missing string terminator in aa_dfa_match, causing a slab-out-of-bounds read/write during path mounting on ARM64 Ubuntu 26.04 with Linux 7.0-rc4 (Snapdragon X1). Reported impact includes potential DoS or information disclosure. ...
CVE-2025-71271
A flaw was found in the hfsplus filesystem driver in the Linux kernel. A bug was introduced during the conversion of hfsplus to the new mount API, leading to a memory leak. If the setupbdevsuper function fails after a new superblock is allocated but before hfsplusfillsuper takes ownership of the...
CVE-2026-40923
A flaw was found in Tekton Pipelines. An attacker can bypass restrictions on where volumes can be mounted by using specially crafted paths that include directory traversal sequences e.g., ... This vulnerability, stemming from an incomplete path validation check, could allow unauthorized access to...
CVE-2026-33490
H3 is a minimal HTTP framework. In versions 2.0.0-0 through 2.0.1-rc.16, the mount method in h3 uses a simple startsWith check to determine whether incoming requests fall under a mounted sub-application's path prefix. Because this check does not verify a path segment boundary i.e., that the next...
CVE-2026-33490
H3 is a minimal HTTP framework. In versions 2.0.0-0 through 2.0.1-rc.16, the mount method in h3 uses a simple startsWith check to determine whether incoming requests fall under a mounted sub-application's path prefix. Because this check does not verify a path segment boundary i.e., that the next...
CVE-2025-66213
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the File Storage Directory Mount Path functionality allows users with application/service management permissions...
CVE-2025-66213 Coolify Vulnerable to Authenticated Remote Code Execution via Command Injection in File Storage Directory Mount Path
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the File Storage Directory Mount Path functionality allows users with application/service management permissions...
CVE-2025-66213
CVE-2025-66213 affects Coolify prior to 4.0.0-beta.451, where the File Storage Directory Mount Path feature chains an un-sanitized file_storage_directory_source parameter into shell commands. This authenticated vulnerability lets users with application/service management permissions run arbitrary...
CVE-2025-66213 Coolify Vulnerable to Authenticated Remote Code Execution via Command Injection in File Storage Directory Mount Path
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.451, an authenticated command injection vulnerability in the File Storage Directory Mount Path functionality allows users with application/service management permissions...
PT-2025-52856
Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.451 Description Coolify is a self-hostable tool for managing servers, applications, and databases. An authenticated command injection issue exists in the File Storage Directory Mount Path functionality. Use...
PT-2025-34689 · Docker +1 · Docker +1
Name of the Vulnerable Software and Affected Versions: Airlink versions prior to 1.0.1 Description: Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. An attacker with access to the affected container can create symbolic links...
UBUNTU-CVE-2024-9675
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host read/write into the container as long as those files can...
SUSE CVE-2024-43859
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate preallocated blocks in f2fsfileopen chenyuwen reports a f2fs bug as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000011 fscryptsetbiocryptctx+0x78/0x1e8...
UBUNTU-CVE-2024-43859
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate preallocated blocks in f2fsfileopen chenyuwen reports a f2fs bug as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000011 fscryptsetbiocryptctx+0x78/0x1e8...
CVE-2023-40930
An issue in the directory /system/bin/blkid of Skyworth v3.0 allows attackers to perform a directory traversal via mounting the Udisk to /mnt/...
USN-5013-2 systemd vulnerabilities
USN-5013-1 fixed several vulnerabilities in systemd. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash,...
USN-5013-1 systemd vulnerabilities
It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. CVE-2021-33910 Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW packets. A remote attacker...
Hashicorp Vault Security Vulnerability
Hashicorp HashiCorp Vault is a private key access management tool from HashiCorp Hashicorp USA. A security vulnerability exists in HashiCorp Vault and Vault Enterprise that allows enumeration of secret engine mount paths via an unauthenticated HTTP request...