6 matches found
UBUNTU-CVE-2025-67746
Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and...
PYSEC-2024-189
Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated attacker to inject a malicious link when installing a provider. Users are recommended to upgrade to version 2.9.3, which fixes this issue...
CVE-2024-39863 Apache Airflow: Potential XSS Vulnerability
Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated attacker to inject a malicious link when installing a provider. Users are recommended to upgrade to version 2.9.3, which fixes this issue...
PT-2023-25823 · C-Blosc2 · C-Blosc2
Name of the Vulnerable Software and Affected Versions: C-blosc2 versions prior to 2.9.3 Description: The issue is related to a NULL pointer dereference in the zfp acc decompress function, located in the zfp/blosc2-zfp.c file. This indicates a problem where the software attempts to access memory...
PT-2023-25822 · C-Blosc2 · C-Blosc2
Name of the Vulnerable Software and Affected Versions: C-blosc2 versions prior to 2.9.3 Description: The issue is related to a NULL pointer dereference in the ndlz/ndlz8x8.c file of C-blosc2. This occurs when a NULL pointer is passed to the memset function. Recommendations: For versions prior to...
PT-2015-3254
Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.3 Description The issue is related to a heap-based buffer overflow in the xmlParseXmlDecl function, which can be exploited by context-dependent attackers to cause a denial of service. This occurs via unspecified...