4 matches found
GHSA-JXHV-7H78-9775 Wasmtime: Panic when transcoding misaligned utf-16 strings
Impact Wasmtime's implementation of transcoding strings into the Component Model's utf16 or latin1+utf16 encodings improperly verified the alignment of reallocated strings. This meant that unaligned pointers could be passed to the host for transcoding which would trigger a host panic. This panic ...
PT-2022-26268 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.7 Liferay DXP versions 7.3 fix pack 2 through update 4 Description: A SQL injection issue in the Friendly Url module allows attackers to execute arbitrary SQL commands via a crafted payload injected into the title...
PT-2021-2300 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to the lack of automatic termination of all sessions after a password change, which could allow a...
PT-2021-2328 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to a stored cross-site scripting XSS in the customer address upload feature. Successful exploitation...