GHSA-QP9X-WP8F-QGJJ tuf has platform-dependent delegation path matching

DelegatedRole.istargetinpathpattern uses fnmatch.fnmatch to decide whether a given target path is authorized by a delegation's glob pattern. Python's fnmatch.fnmatch calls os.path.normcase on both arguments before matching. On POSIX hosts normcase is the identity function; on Windows hosts os.pat...

EUVD-2007-2280

Malware in sbrugna...

Cockpit Uses Platform-Dependent Third Party Components

Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit 2.3.9 and prior. A patch is available and anticipated to be part of version 2.4.0...

CVE-2023-1160

Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...

Code injection

Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...

CVE-2023-1160 Use of Platform-Dependent Third Party Components in cockpit-hq/cockpit

Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...

CVE-2023-1160 Use of Platform-Dependent Third Party Components in cockpit-hq/cockpit

Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...

Cockpit 安全漏洞

Cockpit is an interactive server management interface. A security vulnerability exists in Cockpit versions prior to 2.4.0, which stems from the use of platform-dependent third-party components...

CVE-2023-1160 Use of Platform-Dependent Third Party Components in cockpit-hq/cockpit

Use of Platform-Dependent Third Party Components in GitHub repository cockpit-hq/cockpit prior to 2.4.0...

CVE-2023-1160

CVE-2023-1160 affects cockpit-hq/cockpit prior to version 2.4.0 due to use of platform-dependent third‑party components. The root cause is the incorporation of non-uniform components that vary by platform, leading to compatibility and risk concerns described across multiple sources. The documente...

CVE-2020-7512

A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to exploit the component...

Design/Logic Flaw

A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to exploit the component...

CVE-2020-7512

A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to exploit the component...

Design/Logic Flaw

Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator versions 14.0.0-14.1.0.1, 13.0.0-13.1.1.3, and 12.1.1 HF2-12.1.4, the secureKeyCapable...

CVE-2007-2285

Directory traversal vulnerability in examples/layout/feed-proxy.php in Jack Slocum Ext 1.0 alpha1 Ext JS allows remote attackers to read arbitrary files via a .. dot dot in the feed parameter. NOTE: analysis by third party researchers indicates that this issue might be platform dependent...