Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/10 10:1 p.m.28 views

CVE-2026-47712 Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.24.0 and prior to version 1.2.5, dulwich.porcelain.formatpatchoutdir=... derives each patch filename from the commit's subject line. Prior to this fix, getsummary only replaced spaces with dashes ...

3.3CVSS0.00139EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/01 7:49 a.m.13 views

CVE-2026-42359

A bug in Apache Airflow's XCom PATCH endpoint PATCH /api/v2/xcomEntries/key allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names e.g. returnvalue that the matching POST endpoint already validated against FORBIDDENXCOMKEYS. The...

8.8CVSS5.8AI score0.00592EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7666

Malicious code in bioql PyPI...

7.8CVSS5.1AI score0.00283EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.10 views

SUSE SLES15 Security Update : go1.24-openssl (SUSE-SU-2025:02837-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02837-1 advisory. Updated to go1.24.6 released 2025-08-06 bsc1236217: - CVE-2025-4674: Fixed unexpected command execution in untrusted VCS...

8.6CVSS7.3AI score0.00489EPSS
Exploits1References11
OSV
OSV
added 2025/07/29 2:34 p.m.5 views

CLSA-2025-1753799668 Fix CVE(s): CVE-2025-32462

SECURITY UPDATE: unauthorized commands execution on unintended hosts - debian/patches/CVE-2025-32462.patch: restrict user from setting remote host for command unless listing privileges - CVE-2025-32462...

8.8CVSS7AI score0.03239EPSS
Exploits12References1
Snyk
Snyk
added 2020/10/18 2:20 p.m.6 views

Prototype Pollution

Overview immer is a package that allows you to create your next immutable state by mutating the current one. Affected versions of this package are vulnerable to Prototype Pollution. PoC const applyPatches, enablePatches = require"immer"; enablePatches; let obj = ; console.log"Before : " +...

7.5CVSS8.4AI score0.02293EPSS
Exploits1References2
Rows per page
Query Builder