4 matches found
CVE-2026-58203
CVE-2026-58203 affects pydantic-settings, specifically NestedSecretsSettingsSource. From 2.12.0 through 2.14.2, when secrets_nested_subdir is true, a directory entry that is a symbolic link to outside secrets_dir is followed, enabling reading files outside the configured directory and bypassing s...
GHSA-4XGF-CPJX-PC3J pydantic-settings: NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size
Summary NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is followed, so files outside the configured directory are read into settings value...
Jenkins plug-in vulnerabilities: plaintext stored credentials disclosure-vulnerability warning-the black bar safety net
Jenkins is a widely used open source automation server, allows DevOps developers to efficiently and reliably build, test, and deploy software. In order to use Jenkins modular architecture, developers can plug-ins to extend its core features, allowing it to expand the script capabilities...
RHEL 7 : docker (RHSA-2015:0623)
Updated docker packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...