GHSA-3JQF-V4MV-747G Moonraker affected by LDAP search filter injection

Impact Instances of Moonraker configured with the ldap component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover...

PT-2021-22427 · Unknown · Coreos-Installer

Name of the Vulnerable Software and Affected Versions: coreos-installer versions prior to 0.10.0 Description: A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read...