Lucene search
K

5 matches found

NVD
NVD
added 2 days ago8 views

CVE-2026-57432

Perl versions through 5.43.10 have an integer overflow in Smeasurestruct leading to an out-of-bounds heap read in pack and unpack. Smeasurestruct adds each item's size times its repeat count to a running total with no overflow check, so a large repeat count in a pack or unpack template wraps the...

8.4CVSS0.00207EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2026/04/27 12:0 a.m.11 views

Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 For more details about the security issues, including the impact, a CVSS score,...

9.8CVSS6AI score0.01735EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/01 10:38 p.m.4 views

Directory Traversal

Overview copier is an A library for rendering project templates. Affected versions of this package are vulnerable to Directory Traversal via the externaldata paths. If a user runs Copier on an untrusted template, an attacker can access and expose the contents of arbitrary local files by supplying...

6.7CVSS6.5AI score0.00287EPSS
Exploits1References2
OSV
OSV
added 2026/03/10 6:28 p.m.5 views

GO-2026-4565 Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets

Sealed Secrets for Kubernetes: Rotate API Allows Scope Widening from Strict/Namespace-Wide to Cluster-Wide via Untrusted Template Annotations in github.com/bitnami-labs/sealed-secrets...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References4
OSV
OSV
added 2022/01/06 8:32 p.m.4 views

GHSA-59J4-WJWP-MW9M Sandbox Bypass in Apache Velocity Engine

An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache...

8.8CVSS7.1AI score0.22709EPSS
Exploits0References26
Rows per page
Query Builder