CVE-2026-32591

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An...

CVE-2026-32591

A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An...

Red Hat Quay 代码问题漏洞

Red Hat Quay is a distributed container image repository provided by the American company Red Hat. It is primarily used for building, distributing, and deploying containers. Red Hat Quay has code-related vulnerabilities. These vulnerabilities stem from the Proxy Cache configuration feature, which...

PT-2026-31343

Name of the Vulnerable Software and Affected Versions Red Hat Quay affected versions not specified Description A flaw exists in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay establishes a network...

USN-8062-2: curl vulnerabilities

USN-8062-1 fixed vulnerabilities in curl. This update provides the corresponding update for CVE-2025-14017, CVE-2025-15079, and CVE-2025-15224 for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that curl incorrectly handled...

Manyfold 代码问题漏洞

Manyfold is a self-hosted web application developed by Manyfold OpenSource. Versions of Manyfold prior to 0.133.0 had code-related vulnerabilities; these vulnerabilities were caused by Cookie leaks in the proxy cache, which could lead to session hijacking...

EUVD-2025-176952

Malicious code in proxy-cache-beta-iota-water npm...

CVE-2025-61598

Product/Component: Discourse (open source discussion platform). Vulnerability summary: Versions before 3.6.2 and 3.6.0.beta2 expose a missing Cache-Control header (no-store, no-cache) in error responses, which can enable proxy caching of error pages and potentially lead to cache poisoning. Impact...

Discourse 安全漏洞

Discourse is an open source community discussion platform from Discourse Open Source. The platform includes features such as communities, email and chat rooms. A security vulnerability exists in Discourse versions prior to 3.6.2 and 3.6.0.beta2, which stems from the lack of a default Cache-Contro...

EUVD-2010-2791

Malware in sbrugna...

EUVD-2015-6234

Malware in sbrugna...

EUVD-2020-7793

Malware in sbrugna...

EUVD-2025-13599

Malicious code in bioql PyPI...

EUVD-2023-1651

Malicious code in bioql PyPI...

EUVD-2022-44525

Malicious code in bioql PyPI...

EUVD-2025-29013

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-10148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted...

CVE-2025-10148

curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two...

ALPINE-CVE-2025-10148

curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two...

DEBIAN-CVE-2025-10148

curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two...