CVE-2026-20613

The ArchiveReader.extractContents function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using...

CVE-2026-20613

The CVE-2026-20613 issue is in ArchiveReader.extractContents() used by cctl image load and container image load. It does not validate pathnames when extracting archive members, enabling a crafted archive with relative paths to write files to arbitrary user-writable locations on the host. Document...

EUVD-2026-4205

SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...

CVE-2026-23951 SumatraPDF's Integer Underflow in PalmDbReader Leads to Crash

SumatraPDF is a multi-format reader for Windows. All versions contain an off-by-one error in the validation code that only triggers with exactly 2 records, causing an integer underflow in the size calculation. This bug exists in PalmDbReader::GetRecord when opening a crafted Mobi file, resulting ...

Container and Containerization archive extraction does not guard against escapes from extraction base directory.

The ArchiveReader.extractContents function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using...

Oracle GoldenGate for Big Data Multiple Vulnerabilities 21.x < 21.21.0.0.0 (January 2026 CPU)

According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host is affected by multiple vulnerabilities: - Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...

CVE-2026-24048

Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0, the FetchUrlReader component, used by the catalog and other...

CVE-2026-24048

CVE-2026-24048 affects Backstage FetchUrlReader in @backstage/backend-defaults prior to v0.12.2, v0.13.2, v0.14.1, and v0.15.0. The component would follow HTTP redirects, enabling an attacker who controls a host in backend.reading.allow to redirect requests to internal/sensitive URLs outside the ...

CVE-2026-24048 Backstage has a Possible SSRF when reading from allowed URL's in `backend.reading.allow`

Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0, the FetchUrlReader component, used by the catalog and other...

CVE-2026-24048

Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0, the FetchUrlReader component, used by the catalog and other...

Server-side Request Forgery (SSRF)

Overview @backstage/backend-defaults is a Backend defaults used by Backstage backend apps Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the FetchUrlReader component that automatically follows HTTP redirects. An attacker can access internal or sensitive...

Backstage Code Issues and Vulnerabilities

Backstage is an open-source application developed by Backstage. It serves as an open platform for building developer portals. Versions of Backstage prior to 0.12.2, 0.13.2, 0.14.1, and 0.15.0 contained code vulnerabilities. These vulnerabilities stemmed from the FetchUrlReader component’s automat...

MiracleLinux 7 : java-11-openjdk-11.0.13.0.8-1.el7 (AXSA:2021-2490:12)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2490:12 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

MiracleLinux 9 : runc-1.1.12-2.el9 (AXSA:2024-7794:03)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7794:03 advisory. golang: io/fs: stack exhaustion in Glob CVE-2022-30630 golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: path/filepath:...

MiracleLinux 8 : java-11-openjdk-11.0.13.0.8-1.el8 (AXSA:2021-2492:13)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2492:13 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

MiracleLinux 9 : firefox-91.9.0-1.el9.ML.1 (AXSA:2022-3990:29)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3990:29 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...

MiracleLinux 9 : thunderbird-91.9.0-3.el9.ML.1 (AXSA:2022-3963:16)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3963:16 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...

MiracleLinux 8 : firefox-91.9.0-1.el8.ML.1 (AXSA:2022-3174:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3174:10 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...

MiracleLinux 9 : grafana-pcp-3.2.0-3.el9 (AXSA:2023-4824:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4824:01 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: io/fs: stack exhaustion in Glob CVE-2022-30630 golang:...

MiracleLinux 7 : firefox-102.11.0-2.0.1.el7.AXS7 (AXSA:2023-5464:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5464:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...