2 matches found
CVE-2026-60125
MISP’s importModule path used getEnabledModule to resolve a single import module by name, but this lookup did not enforce the per-organisation module restriction checked by getEnabledModules. As a result, an authenticated user from an organisation that was not allowed to use a module restricted v...
PT-2023-1887 · Unknown +7 · Kubernetes Containerd +6
Name of the Vulnerable Software and Affected Versions: containerd versions 1.6.17 and earlier, containerd versions 1.5.17 and earlier Description: The issue is related to the import of OCI images in containerd, where there was no limit on the number of bytes read for certain files. A maliciously...