Lucene search
K

6 matches found

Snyk
Snyk
added 2026/04/21 8:50 p.m.4 views

Incorrect Behavior Order: Early Validation

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order: Early Validation via incomplete validation of paths in the process. An attacker can gain unauthorized access to internal system directories and potentially read or modify sensitive data by supplying specially...

5.4CVSS5.4AI score0.0022EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/21 8:47 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the HTTP resolver process. An attacker can cause excessive memory consumption and termination of the tekton-pipelines-resolvers pod by directing it to retrieve a very large HT...

7.1CVSS5.8AI score0.00318EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/08/21 12:1 a.m.9 views

CVE-2025-48978

An Improper Input Validation in EdgeMAX EdgeSwitch Version 1.11.0 and earlier could allow a Command Injection by a malicious actor with access to EdgeSwitch adjacent network. Affected Products: EdgeMAX EdgeSwitch Version 1.11.0 and earlier Mitigation: Update the EdgeMAX EdgeSwitch to Version 1.11...

0.00687EPSS
Exploits0References1
Snyk
Snyk
added 2024/08/19 3:42 p.m.3 views

Uncontrolled Resource Consumption ('Resource Exhaustion')

Overview Affected versions of this package are vulnerable to Uncontrolled Resource Consumption 'Resource Exhaustion' due to the parse and parsenat functions. An attacker can cause a denial of service by sending specially crafted inputs that are excessively long. Workaround Ensure that Fugit.parse...

7.5CVSS6.8AI score0.00792EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.5 views

PT-2024-30542 · Fugit +1 · Fugit +1

Name of the Vulnerable Software and Affected Versions: fugit versions prior to 1.11.1 Description: The fugit "natural" parser, which turns natural language into cron expressions, accepted any length of input and attempted to parse it without returning promptly. This could cause the parse call to...

7.5CVSS8.8AI score0.00792EPSS
Exploits0References26
Positive Technologies
Positive Technologies
added 2022/07/11 12:0 a.m.3 views

PT-2022-20513 · Kubeedge · Kubeedge

Name of the Vulnerable Software and Affected Versions: KubeEdge versions prior to 1.11.1 KubeEdge versions prior to 1.10.2 KubeEdge versions prior to 1.9.4 Description: The CloudCore Router in KubeEdge does not impose a limit on the size of responses to requests made by the REST handler, allowing...

6.5CVSS7AI score0.00652EPSS
Exploits0References7
Rows per page
Query Builder