Lucene search
K

7 matches found

OSV
OSV
added 2026/02/05 9:46 p.m.9 views

GHSA-JQ9F-GM9W-RWM9 OpenFGA Improper Policy Enforcement

Impact OpenFGA v1.8.5 to v1.11.2 openfga-0.2.22 = Helm chart = openfga-0.2.51, v.1.8.5 = docker = v.1.11.2 are vulnerable to improper policy enforcement when certain Check calls are executed. Affected Users Users are affected by this vulnerability if all of the following preconditions are met: -...

5.8CVSS5.5AI score0.00308EPSS
Exploits0References5
Snyk
Snyk
added 2025/09/09 7:47 p.m.2 views

Command Injection

Overview OctoPrint is a snappy web interface for your 3D printer Affected versions of this package are vulnerable to Command Injection due to upload file when a specially crafted filename is included in a command defined in a system event handler and the corresponding event is triggered. An...

8.8CVSS5.9AI score0.19313EPSS
Exploits4References2
OSV
OSV
added 2024/08/02 11:8 a.m.4 views

OESA-2024-1916 avro security update

Apache Avro is a data serialization system. Security Fixes: When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up...

7.5CVSS6.9AI score0.01772EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/11/25 12:0 a.m.13 views

VulnCheck KEV: CVE-2020-17518

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

7.5CVSS7.2AI score0.50038EPSS
Exploits1References1
PyPA
PyPA
added 2023/09/29 5:15 p.m.5 views

PYSEC-2023-188

When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro...

7.5CVSS7.7AI score0.01772EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2021/08/18 9:13 a.m.12 views

apache-flink: directory traversal attack allows remote file writing through the REST API

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

7.5CVSS5.9AI score0.50038EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/08/11 6:21 p.m.3 views

apache-flink: directory traversal attack allows remote file writing through the REST API

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...

7.5CVSS5.9AI score0.50038EPSS
Exploits1References4
Rows per page
Query Builder