
647 matches found

Fedora
added 2024/10/24 1:28 a.m., 28 views

[SECURITY] Fedora 40 Update: python-fastapi-0.111.1-7.fc40

FastAPI is a modern, fast (high-performance), web framework for building APIs with Python 3.8+ based on standard Python type hints. The key features are: • Fast: Very high performance, on par with NodeJS and Go thanks to Starlette and Pydantic. One of the fastest Python frameworks available...

CVSS 8.7, AI score 4, EPSS 0.00125
Exploits 0

Fedora
added 2024/10/24 1:28 a.m., 13 views

[SECURITY] Fedora 40 Update: python-openapi-core-0.19.4-3.fc40

Openapi-core is a Python library that adds client-side and server-side support for the OpenAPI v3.0 and OpenAPI v3.1 specification...

CVSS 8.7, AI score 3.9, EPSS 0.00125
Exploits 0

OpenVAS
added 2024/10/24 12:0 a.m., 14 views

Fedora: Security Advisory (FEDORA-2024-f1615b58e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7, AI score 4.2, EPSS 0.00125
Exploits 0, References 5

BDU FSTEC
added 2024/07/31 12:0 a.m., 2 views

The vulnerability of the OpenAPI Generator software for automatically generating client libraries arises from incorrect restrictions on the path name to the restricted access directory. This allows attackers to circumvent security restrictions and gain read, modify, or delete access to data.

The vulnerability of the OpenAPI Generator software for automatically generating client libraries is related to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain access to...

CVSS 8.7, AI score 7.5, EPSS 0.40124
Exploits 0, References 4, Affected Software 1

CNNVD
added 2024/07/30 12:0 a.m., 1 views

Redoc Security Vulnerability

Redoc is an open source tool from Redocly Open Source. It is used to generate documentation from OpenAPI definitions. A security vulnerability exists in Redoc version v2.0.9-rc.69. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service denial of servic...

CVSS 9.8, AI score 7.5, EPSS 0.00442
Exploits 1, References 2

Qualys Blog
added 2024/07/25 4:0 a.m., 13 views

Secure Your APIs and Reduce Your Attack Surface With Modern, AI-powered API Security in Qualys Web Application Scanning (WAS)

The rise of APIs presents both opportunities and challenges in today’s hyperconnected digital world. APIs are integral to digital transformation initiatives across industries. The latest data indicates that over 83% of web traffic now comprises API traffic, highlighting their critical role in...

AI score 7.8
Exploits 0

BDU FSTEC
added 2024/07/23 12:0 a.m., 1 views

The vulnerability of the OpenAPI audit tool for detecting and tracking network activities, Nozomi Guardian, and the Nozomi Central Management Console (CMC), a centralized security management tool, allows attackers to gain access to protected information.

The vulnerability of the OpenAPI-based detection and monitoring tool for network activities, Nozomi Guardian, as well as the Nozomi Central Management Console CMC, relates to insufficient protection of registration data. Exploiting this vulnerability could allow a malicious actor to gain access t...

CVSS 9, AI score 5.5, EPSS 0.0014
Exploits 0, References 6, Affected Software 2

OSSF Malicious Packages
added 2024/07/22 12:58 p.m., 4 views

Malicious code in chromestatus-openapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3f0ae839e77574e6fbdeb08227dfe2e2d3be958d34456a8cc4df440988db1e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.8
Exploits 0, References 2

OSV
added 2024/07/22 12:58 p.m., 7 views

MAL-2024-7783 Malicious code in chromestatus-openapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3f0ae839e77574e6fbdeb08227dfe2e2d3be958d34456a8cc4df440988db1e1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.8
Exploits 0, References 2

GithubExploit
added 2024/07/20 5:26 p.m., 128 views

Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity

CVE-2024-27198: Authentication bypass in Jetbrain Teamcity leads...

CVSS 9.8, AI score 8.9, EPSS 0.93047
Exploits 23

BDU FSTEC
added 2024/07/15 12:0 a.m., 2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service interruptions using a specially created OpenAPI fil...

CVSS 5.3, AI score 5.5, EPSS 0.00049
Exploits 0, References 4, Affected Software 1

OSV
added 2024/07/12 12:0 a.m., 20 views

OPENSUSE-SU-2024:14152-1 python310-openapi-spec-validator-0.7.1-1.3 on GA media

These are all security issues fixed in the python310-openapi-spec-validator-0.7.1-1.3 package on the GA media of openSUSE Tumbleweed...

CVSS 9.8, AI score 9.7, EPSS 0.04807
Exploits 1, References 1

OSV
added 2024/06/28 7:25 a.m., 163 views

BIT-GITLAB-2024-1816 Uncontrolled Resource Consumption in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI file...

CVSS 5.5, AI score 5, EPSS 0.00049
Exploits 0, References 3

NVD
added 2024/06/27 12:15 a.m., 26 views

CVE-2024-1816

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI file...

CVSS 5.5, EPSS 0.00049
Exploits 0, References 2

UbuntuCve
added 2024/06/27 12:15 a.m., 18 views

CVE-2024-1816

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI file...

CVSS 5.5, AI score 5.9, EPSS 0.00049
Exploits 0, References 3

OSV
added 2024/06/27 12:15 a.m., 0 views

UBUNTU-CVE-2024-1816

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI file...

CVSS 5.5, AI score 5.8, EPSS 0.00049
Exploits 0, References 4

Tenable Nessus
added 2024/06/27 12:0 a.m., 23 views

GitLab 12.0 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-1816)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an...

CVSS 5.5, AI score 5.5, EPSS 0.00049
Exploits 0, References 4

Tenable Nessus
added 2024/06/27 12:0 a.m., 31 views

FreeBSD : Gitlab -- Vulnerabilities (589de937-343f-11ef-8a7b-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 589de937-343f-11ef-8a7b-001b217b3468 advisory. Gitlab reports: Run pipelines as any user Stored XSS injected in imported project's commit not...

CVSS 9.6, AI score 6.1, EPSS 0.04794
Exploits 2, References 16

OSV
added 2024/06/26 11:31 p.m., 18 views

CVE-2024-1816 Uncontrolled Resource Consumption in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows for an attacker to cause a denial of service using a crafted OpenAPI file...

CVSS 5.3, AI score 5.2, EPSS 0.00049
Exploits 0, References 5

Debian CVE
added 2024/06/26 11:31 p.m., 16 views

CVE-2024-1816

Removed by vendor...

CVSS 5.5, AI score 5.8, EPSS 0.00049
Exploits 0