8 matches found
CVE-2026-39087
ntfy before 2.22.0 allows SSRF because of an unanchored regular expression...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the parseActions function. An attacker can execute arbitrary code by sending crafted input to the affected process. Remediation Upgrade heckel.io/ntfy/v2/server to version 2.21.0 or higher. Reference...
ntfy.sh allows a remote attacker to execute arbitrary code via the parseActions function
An issue in Ntfy ntfy.sh before v.2.22.0 allows a remote attacker to execute arbitrary code via the parseActions function...
CVE-2026-39087
ntfy before 2.22.0 allows SSRF because of an unanchored regular expression...
CVE-2026-39087
ntfy before 2.22.0 allows SSRF because of an unanchored regular expression...
CVE-2026-39087
ntfy before 2.22.0 allows SSRF because of an unanchored regular expression...
CVE-2023-53049
In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsiconnectorchange When ucsiinit fails, ucsi-connector is NULL, yet in case of ucsiacpi we may still get events which cause the ucsacpi code to call ucsiconnectorchange, which then derefs the...
UBUNTU-CVE-2023-53049
In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsiconnectorchange When ucsiinit fails, ucsi-connector is NULL, yet in case of ucsiacpi we may still get events which cause the ucsacpi code to call ucsiconnectorchange, which then derefs the...