Lucene search
K

32 matches found

NVD
NVD
added 2026/07/02 5:17 p.m.9 views

CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

4.3CVSS0.00262EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 5:17 p.m.3 views

UBUNTU-CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

4.3CVSS6AI score0.00262EPSS
Exploits0References12
CVE
CVE
added 2026/07/02 4:6 p.m.21 views

CVE-2026-53422

CVE-2026-53422 describes an observable response discrepancy in Erlang/OTP ssh_sftpd where the REALPATH handling bypasses the root check, enabling an authenticated SFTP user to determine the existence of files/directories outside the configured root. The uncanonicalized path can trigger resolve_sy...

4.3CVSS5.8AI score0.00262EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2026/07/02 4:6 p.m.36 views

CVE-2026-53422 SFTP REALPATH path-existence oracle allowing filesystem enumeration outside configured root

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS0.00262EPSS
Exploits0References7
OSV
OSV
added 2026/07/02 4:6 p.m.3 views

EEF-CVE-2026-53422 SFTP REALPATH path-existence oracle allowing filesystem enumeration outside configured root

Summary Observable Response Discrepancy vulnerability in Erlang OTP ssh ssh\sftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSH\FXP\REALPATH handler in ssh\sftpd calls relate\file\name/3 with...

2.3CVSS5.8AI score0.00262EPSS
Exploits0References6
NVD
NVD
added 2026/05/11 8:25 p.m.14 views

CVE-2026-42885

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/filesystem/pathexists endpoint uses String.startsWith to validate that a resolved file path is within a library folder. This check fails for sibling directories whose names share a common prefix e.g.,...

4.3CVSS0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/11 7:52 p.m.5 views

CVE-2026-42885

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/filesystem/pathexists endpoint uses String.startsWith to validate that a resolved file path is within a library folder. This check fails for sibling directories whose names share a common prefix e.g.,...

4.3CVSS5.8AI score0.00236EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.17 views

PT-2026-39750

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/filesystem/pathexists endpoint uses String.startsWith to validate that a resolved file path is within a library folder. This check fails for sibling directories whose names share a common prefix e.g.,...

4.3CVSS5.8AI score0.00236EPSS
Exploits0References2
Veracode
Veracode
added 2025/12/13 4:48 a.m.6 views

Information Disclosure

Jenkins Git Client Plugin is vulnerable to an Information Disclosure. The vulnerability is due to differential form validation behavior, where Git URL validation responses vary based on whether an attacker-specified file path exists on the Jenkins controller when using the amazon-s3 protocol,...

4.3CVSS6.9AI score0.00288EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26516

Malicious code in bioql PyPI...

4.3CVSS6.3AI score0.00288EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/09/03 3:30 p.m.7 views

Jenkins Git client Plugin file system information disclosure vulnerability

In Jenkins Git client Plugin 6.3.2 and earlier, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an...

4.3CVSS6.8AI score0.00288EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/09/03 3:30 p.m.5 views

GHSA-G2PQ-9JR7-W6GV Jenkins Git client Plugin file system information disclosure vulnerability

In Jenkins Git client Plugin 6.3.2 and earlier, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an...

4.3CVSS6.8AI score0.00288EPSS
Exploits0References5
OSV
OSV
added 2025/09/03 3:15 p.m.7 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...

4.3CVSS6.8AI score
Exploits0References2
NVD
NVD
added 2025/09/03 3:15 p.m.8 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...

4.3CVSS0.00288EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/09/03 3:15 p.m.6 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...

4.3CVSS6.5AI score0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/03 3:2 p.m.12 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...

0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 3:2 p.m.5 views

CVE-2025-58458

In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying amazon-s3 protocol for use with JGit, allowing attackers with Overall/Read permission to check f...

6.2AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/03/31 11:15 p.m.5 views

CVE-2025-24249

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to check the existence of an arbitrary path on the file system...

9.8CVSS5.8AI score0.00827EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/06/05 2:47 p.m.5 views

jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin

A flaw was found in jenkins-2-plugins. In the HTML Publisher Plugin 1.16 through 1.32, fallback for reports created in HTML Publisher Plugin 1.15 and earlier does not properly sanitize input. This can allow attackers with Item/Configure permissions to implement stored cross-site scripting XSS...

6.5CVSS5.6AI score0.00698EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/06/05 2:47 p.m.5 views

jenkins-2-plugins: Improper input sanitization in HTML Publisher Plugin

A flaw was found in jenkins-2-plugins. In the HTML Publisher Plugin 1.16 through 1.32, fallback for reports created in HTML Publisher Plugin 1.15 and earlier does not properly sanitize input. This can allow attackers with Item/Configure permissions to implement stored cross-site scripting XSS...

6.5CVSS5.6AI score0.00698EPSS
Exploits0References5
Rows per page
Query Builder