5 matches found
HTTP Response Splitting
Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...
firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume th...
Allocation of Resources Without Limits or Throttling
Overview sqlatypemodel is a Typed JSON fields for SQLAlchemy with automatic mutation tracking Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to uncontrolled recursion when processing deeply nested JSON-like structures. An attacker can...
Inclusion of Functionality from Untrusted Control Sphere
Overview Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere due to incomplete LaTeX sanitization that fails to block the verbatim package. The Latex handling module overlooks the verbatim package during sanitization, allowing specially...
Facebook : 'No more anonymous on Internet'
Facebook : 'No more anonymous on Internet' The sister of Facebook CEO , Randi Zuckerberg wants to put an end to online anonymity.Fcaebook wants to force people to use their real names on Profiles. Randi Zuckerberg is Facebook's marketing director, believes users would act much more responsibly on...