2 matches found
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization due to the resolvers.SecretKeyRef process not being used for namespace validation. An attacker can gain unauthorized access to secrets across namespaces by exploiting the lack of proper namespace checks during secr...
Linux Distros Unpatched Vulnerability : CVE-2023-3550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a...