5 matches found
Improper Handling of Highly Compressed Data (Data Amplification)
Overview guarddog is a GuardDog is a CLI tool to Identify malicious PyPI packages Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification via the safeextract function. An attacker can exhaust disk space and disrupt services by submitting ...
PYSEC-2023-171
Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticatedusers who have access to see the task/dag in the UI, to craft a URL, which could lead to unmasking the secret configuration of the task that otherwise would be masked in the UI.Users are strongly advise...
SUSE CVE-2022-41853
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...
UBUNTU-CVE-2022-41853
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL DataBase to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can...
OPENSUSE-SU-2020:1433-1 Security update for docker-distribution
This update for docker-distribution fixes the following issues: - Enable build on %arm which include armv6, not only on armv7 - Enable ppc64le - Use correct URL to project - Remove fillup, we don't ship a sysconfig file - Correct systemd requires - Enable build on ARM - Upgraded to 2.7.1 - Suppor...