15 matches found
Uncontrolled Recursion
Overview liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript. Affected versions of this package are vulnerable to Uncontrolled Recursion through a circular reference in the block.ts during OUTPUT mode. An attacker can cause the application to enter ...
EUVD-2026-6695
Inspektor Gadget uses unsanitized ANSI Escape Sequences In columns Output Mode...
GHSA-34R5-6J7W-235F Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode
Description String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the...
Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode
Description String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the...
SUSE CVE-2026-25996
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...
CVE-2026-25996
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...
CVE-2026-25996 Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...
DEBIAN-CVE-2024-47746
In the Linux kernel, the following vulnerability has been resolved: fuse: use exclusive lock when FUSEICACHEIOMODE is set This may be a typo. The comment has said shared locks are not allowed when this bit is set. If using shared lock, the wait in fusefilecachedioopen may be forever...
CVE-2022-43568
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, a View allows for a Reflected Cross Site Scripting via JavaScript Object Notation JSON in a query parameter when outputmode=radio...
PT-2022-26971 · Splunk · Splunk Enterprise
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 8.1.12 Splunk Enterprise versions prior to 8.2.9 Splunk Enterprise versions prior to 9.0.2 Description: The issue allows for a Reflected Cross Site Scripting via JavaScript Object Notation JSON in a query...
Security update for axel (moderate)
openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...
BGP Hijack Detection: TaBi
BGP Hijack Detection Developed since 2011 for the needs of the French Internet Resilience Observatory , TaBi is a framework that ease the detection of BGP IP prefixes conflicts, and their classification into BGP hijacking events. The term prefix hijacking refers to an event when an AS, called an...
Oracle Linux 4 : mysql (ELSA-2010-0110)
From Red Hat Security Advisory 2010:0110 : Updated mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL...
Debian DSA-1783-1 : mysql-dfsg-5.0 - multiple vulnerabilities
Multiple vulnerabilities have been identified affecting MySQL, a relational database server, and its associated interactive client application. The Common Vulnerabilities and Exposures project identifies the following two problems : - CVE-2008-3963 Kay Roepke reported that the MySQL server would...
DEBIAN-CVE-2004-2152
Cross-site scripting XSS vulnerability in 'raw' page output mode for MediaWiki 1.3.4 and earlier allows remote attackers to inject arbitrary web script or HTML...