5 matches found
CVE-2026-25529
Postal is an open source SMTP server. Postal versions less than 3.3.5 had a HTML injection vulnerability that allowed unescaped data to be included in the admin interface. The primary way for unescaped data to be added is via the API's "send/raw" method. This could allow arbitrary HTML to be...
Linux Distros Unpatched Vulnerability : CVE-2022-4462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions...
UBUNTU-CVE-2022-4462
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. This vulnerability could allow a user to unmask the Discord Webhook URL through viewing the raw API respons...
PT-2023-14519 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.8 through 15.7.8 GitLab versions 15.8 through 15.8.4 GitLab versions 15.9 through 15.9.2 Description: The issue could allow a user to unmask the Discord Webhook URL through viewing the raw API response. Recommendations: For...
Google TensorFlow code issue vulnerability (CNVD-2022-09856)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. Google TensorFlow suffers from a code issue vulnerability that stems from the fact that when recovering a tensor via the raw API, TensorFlow may be tricked into referencing a null pointer if the...