Lucene search
K

25 matches found

NVD
NVD
added 2026/07/06 4:16 p.m.8 views

CVE-2026-58203

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS0.00138EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/06 2:24 p.m.15 views

EUVD-2026-41878

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 2:24 p.m.4 views

CVE-2026-58203

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/07/06 2:24 p.m.4 views

CVE-2026-58203 NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size

pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secretsdir. When secretsnestedsubdir=True, a directory entry inside secretsdir that is a symbolic link pointing outside secretsdir is...

5.3CVSS6AI score0.00138EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:59 p.m.3 views

GHSA-WPHV-VFRH-23Q5 joserfc: b64=false RFC7797 JWS payloads bypass JWSRegistry payload-size limits during deserialization

RFC7797 b64=false JWS payloads bypass JWSRegistry payload-size limits during deserialization Summary Testing revealed that joserfc accepts oversized RFC7797 b64=false JWS payloads without applying JWSRegistry.maxpayloadlength. The normal JWS compact and flattened JSON paths reject payloads above...

5.3CVSS5.7AI score0.00163EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:37 p.m.7 views

CVE-2026-46553

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NCATTACHMENTFIELDSIZE against either the remote file's advertised Content-Length or the decoded length of a data: URI, allowing an authenticated user to bypass the configured...

5.3CVSS5.9AI score0.0024EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/15 8:9 p.m.6 views

GHSA-G3CQ-J2XW-WF74 aiohttp: Unread Compressed Request Bodies Bypass client_max_size During Cleanup

Summary During cleanup it is possible for a compressed request body to be decompressed into memory in one chunk. Impact An attacker may be able to send a compressed payload in specific situations that could be decompressed into memory, potentially leading to DoS a zip bomb edge case. Workaround...

8.7CVSS5.3AI score0.00279EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 7:11 p.m.20 views

CVE-2026-53781

The CVE affects the Summarize utility prior to version 0.17.0. Vulnerable path is the temp-file-based media download, where an unbounded response can be streamed via the download/response path, causing disk and resource exhaustion. Root cause: responses bypass the enforced size limit due to missi...

5.3CVSS5.5AI score0.00329EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/06 5:58 p.m.12 views

netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

A flaw was found in Netty. A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume...

8.7CVSS7.3AI score0.01125EPSS
Exploits0References5
OSV
OSV
added 2026/05/05 4:16 p.m.17 views

PYSEC-2026-54

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated Content-Length header can bypass the FILEUPLOADMAXMEMORYSIZE limit, potentially loading large files into memory and causing service degradation. As a reminder, Django expects a limit to ...

6.3CVSS5.8AI score0.00423EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/13 7:9 p.m.45 views

CVE-2026-30961 Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, the chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an...

4.3CVSS0.00253EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/13 6:56 p.m.9 views

Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload

Summary The chunked upload completion path for file requests does not validate the total file size against the per-request MaxSize limit. An attacker with a public file request link can split an oversized file into chunks each under MaxSize and upload them sequentially, bypassing the size...

4.3CVSS5.7AI score0.00253EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/02/25 3:16 a.m.9 views

CVE-2026-27607

RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.0-alpha.82, RustFS does not validate policy conditions in presigned POST uploads PostObject, allowing attackers to bypass content-length-range, starts-with, and Content-Type constraints. This enabl...

9.1CVSS0.00265EPSS
Exploits0References1
CVE
CVE
added 2026/02/25 2:10 a.m.17 views

CVE-2026-27607

RustFS is affected by a vulnerability in versions 1.0.0-alpha.56 through 1.0.0-alpha.82 where presigned POST uploads (PostObject) do not validate policy conditions. The server bypasses content-length-range, starts-with, and Content-Type constraints, allowing unauthorized file uploads that can exc...

9.1CVSS5.6AI score0.00265EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/25 2:10 a.m.6 views

CVE-2026-27607 RustFS's Missing Post Policy Validation leads to Arbitrary Object Write

RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.0-alpha.82, RustFS does not validate policy conditions in presigned POST uploads PostObject, allowing attackers to bypass content-length-range, starts-with, and Content-Type constraints. This enabl...

8.1CVSS5.7AI score0.00265EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.6 views

Hono 安全漏洞

Hono is a web framework written in TypeScript from the Hono community. A security vulnerability exists in Hono versions prior to 4.9.7, which stems from the bodyLimit middleware prioritizing the Content-Length header when handling conflicting HTTP headers, which could lead to a denial of service...

5.3CVSS6.2AI score0.0042EPSS
Exploits0References3
CNVD
CNVD
added 2025/08/21 12:0 a.m.5 views

NVIDIA NeMo Framework Code Issue Vulnerability

NVIDIA Nemo Framework is a framework for building and deploying generative AI models from NVIDIA. A code issue vulnerability exists in the NVIDIA NeMo Framework, which can be exploited by an attacker to execute malicious code by uploading arbitrary files and bypassing file size limits...

9.8CVSS7.4AI score0.0056EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/13 12:0 a.m.5 views

NVIDIA NeMo Framework 代码问题漏洞

NVIDIA Nemo Framework is a framework for building and deploying generative AI models from NVIDIA. A code issue vulnerability exists in the NVIDIA NeMo Framework, which can be exploited by an attacker to execute malicious code by uploading arbitrary files and bypassing file size limits...

9.8CVSS7.3AI score0.0056EPSS
Exploits0References3
CNVD
CNVD
added 2025/07/18 12:0 a.m.4 views

Apache Tomcat Input Validation Error Vulnerability (CNVD-2025-16617)

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server . Used to implement the Servlet and JavaServer Page JSP support. An input validation error vulnerability exists in Apache Tomcat, which stems from an integer overflow, and can be exploited by an...

7.5CVSS6.8AI score0.0196EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/10 12:0 a.m.3 views

Apache Tomcat 输入验证错误漏洞

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server . Used to implement the Servlet and JavaServer Page JSP support. An input validation error vulnerability exists in Apache Tomcat, which stems from an integer overflow, and can be exploited by an...

7.5CVSS7.6AI score0.0196EPSS
Exploits0References5
Rows per page
Query Builder