CVE-2026-45287 OpenTelemetry-Go's Schema ParseFile leaks file descriptors on each parse

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

Missing Release of File Descriptor or Handle after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of File Descriptor or Handle after Effective Lifetime via the ParseFile function. An attacker can cause the process to exhaust available file descriptors and disrupt service by repeatedly triggering schema parsing...

Symfony hardened the parser when handling untrusted input

Description Symfony\Component\Yaml\Parser is the entry point for parsing YAML strings into PHP values via Yaml::parse. When the parser is exposed to attacker-controlled input, deeply nested mappings or sequences cause both the block-level Parser::parseBlock and inline Inline::parseSequence /...

CVE-2026-39859

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

CVE-2026-39859 LiquidJS has a renderFile() / parseFile() bypass configured root and allow arbitrary file read

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

CVE-2026-39859

LiquidJS (liquidjs) has a path traversal vulnerability in renderFile()/parseFile() where top-level file loads do not enforce the configured root boundary, allowing access to arbitrary local files when root is empty. Affected versions are before 10.25.3; the issue is fixed in 10.25.3 (per NVD/Red ...

GHSA-V273-448J-V4QJ LiquidJS: `renderFile()` / `parseFile()` bypass configured `root` and allow arbitrary file read

liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. The published npm package [email protected] on Linux 6.17.0 with Node v22.22.1. A Liquid instance configured with an empty temporary directory as roo...

PT-2026-31354

liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. The published npm package [email protected] on Linux 6.17.0 with Node v22.22.1. A Liquid instance configured with an empty temporary directory as roo...

Parser Server's streaming file download bypasses afterFind file trigger authorization

Impact File downloads via HTTP Range requests bypass the afterFindParse.File trigger and its validators on storage adapters that support streaming e.g. the default GridFS adapter. This allows access to files that should be protected by afterFind trigger authorization logic or built-in validators...

music-metadata has an infinite loop vulnerability in ASF parser

Summary music-metadata's ASF parser parseExtensionObject in lib/asf/AsfParser.ts:112-158 enters an infinite loop when a sub-object inside the ASF Header Extension Object has objectSize = 0. Root Cause When objectSize is 0: 1. remaining = 0 - 24 = -24 2. tokenizer.ignore-24 moves the read position...

Azure Linux 3.0 Security Update: orc (CVE-2024-40897)

The version of orc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-40897 advisory. - Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer ...

BIT-PARSE-2025-64430 Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions 4.2.0 through 7.5.3, and 8.0.0 through 8.4.0, there is a Server-Side Request Forgery SSRF vulnerability in the file upload functionality when trying to upload a Parse.File with uri...

Directory Traversal

Overview langchain-chatchat is a Langchain-Chatchat formerly langchain-ChatGLM, local knowledge based LLM like ChatGLM, Qwen and Llama RAG and Agent app with langchain Affected versions of this package are vulnerable to Directory Traversal via the parsefile function in the...

orc: Stack-based buffer overflow vulnerability in ORC

Stack-based buffer overflow vulnerability exists in orcparse.c of ORC. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI buil...

PT-2024-20313 · Robdns · Robdns

Name of the Vulnerable Software and Affected Versions: robdns version d76d2e6 Description: The issue is related to a NULL pointer dereference via the item-tokens component at /src/conf-parse.c. This occurs in robdns commit d76d2e6. Recommendations: For version d76d2e6, consider applying a patch t...

AZL-44562 CVE-2024-4068 affecting package nodejs-nodemon 2.0.3-5

The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In lib/parse.js, if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating...

PT-2023-35866 · Git +1 · Freerdp

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow WRITE crash was reported, with the crash state involving TestFuzzCommonAssistanceParseFileBuffer.c. No information is available...

SUSE CVE-2023-29582

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parseexpr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code...

CVE-2023-29582

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parseexpr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code...

yasm 缓冲区错误漏洞

yasm is a completely rewritten Netwide assembler from the yasm open source. A buffer error vulnerability exists in yasm version 1.3.0.55.g101bc, which stems from the discovery of a contained stack overflow vulnerability through the parseexpr1 function of /nasm/nasm-parse.c...