2 matches found
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack though incorrect handling of the OCI hook createContainer during container initialization when update-ldcache is used. An attacker can modify data or disrupt service by supplying a specially crafted container image that...
PT-2024-40406 · Unknown · Simplesamlphp
Name of the Vulnerable Software and Affected Versions: SimpleSAMLphp versions 1.17 up to 1.17.7 Description: The issue concerns an endpoint in the admin module of SimpleSAMLphp that exposes the output of the phpinfo PHP function, allowing any individual to access it without authenticating and...