5 matches found
Security Bulletin: Multiple Vulnerabilities in IBM Engineering AI hub.
Summary Multiple vulnerabilities were addressed in IBM Engineering AI Hub version 1.2.0. Vulnerability Details CVEID:CVE-2026-0540 DESCRIPTION: DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in commit 2726c74, contain a cross-site scripting vulnerability that allows attackers to...
CAPE 安全漏洞
CAPE is a malware sandbox by the individual developer Kevin OReilly. CAPE has a security vulnerability that stems from an analysis denial vulnerability in reporting/mongodb.py and reporting/jsondump.py, which allows an attacker to submit samples to generate deeply nested or oversized behavioral...
CVE-2025-61301
Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 commit 52e4b43, on 2025-05-17 allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits o...
CVE-2025-61301
CVE-2025-61301 affects CAPEv2; the denial-of-analysis occurs in reporting/mongodb.py and reporting/jsondump.py (commit 52e4b43, 2025-05-17). Deeply nested or oversized behavior data can cause MongoDB BSON limits or orjson recursion errors when a sample runs in the sandbox, leading to incomplete o...
Exploit for CVE-2025-61301
CVE-2025-61301 - CAPEv2: Denial-Of-Analysis via Recursive Proc...