EUVD-2026-22805

NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within NuGet packages. An attacker can supply a crafted nuspec file with malicious metadata, leading to cross package metadata injection that ma...

EUVD-2024-0531

Malicious code in bioql PyPI...

Improper Authentication

org.apache.ozone ozone-main is vulnerable to Improper Authentication. The vulnerability is due to improper verification for the identity of a user accessing the Storage Container Manager service. This flaw allows an attackers to download internal metadata without the need for proper authenticatio...

GHSA-6726-2RX3-CGWH Apache Ozone Improper Authentication vulnerability

Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...

CVE-2023-39196

Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...

Authentication flaw

Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...

CVE-2023-39196 Apache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints

Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...

CVE-2023-39196

CVE-2023-39196 describes an improper authentication vulnerability in Apache Ozone (affecting 1.2.0 up to 1.3.0). The issue allows an attacker to download internal metadata from the Storage Container Manager service without authenticating, but does not permit modification or access to actual user ...

CVE-2023-39196 Apache Ozone: Missing mutual TLS authentication in one of the service internal Ozone Storage Container Manager endpoints

Improper Authentication vulnerability in Apache Ozone. The vulnerability allows an attacker to download metadata internal to the Storage Container Manager service without proper authentication. The attacker is not allowed to do any modification within the Ozone Storage Container Manager service...

PT-2023-28892

Name of the Vulnerable Software and Affected Versions EVE OS versions 9.0.0 and earlier Description The "measured boot" mechanism in EVE OS is designed to prevent a compromised device from accessing the encrypted data located in the vault. However, this mechanism does not validate the entire...

Nutanix AHV Connector Failure: "The storage container cannot be accessed"

Error observed: "The storage container cannot be accessed. Please check that the ELM is in the container's 'white list'. " When deploying App Layering to Nutanix AHV: You are able to "check credentials" on the left half of the connector screen successfully, and it enumerate templates and storage...