6 matches found
CVE-2026-59868
A flaw was found in js-yaml, a JavaScript YAML parser and dumper. When merge keys are enabled, a remote attacker could exploit this vulnerability by crafting a YAML document where a chain of mappings uses merge keys, each merging the previous one. This can lead to a significant increase in CPU ti...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the image upload process due to improper validation of the return value from the getimagesize function. An attacker can cause persistent application crashes and denial of service b...
Security Bulletin: IBM Watsonx BI is affected by use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP).
Summary Watsonx BI use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with program files lib/formdata.Js. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jinja2-3.1.5-py3-none-any.whl
Summary IBM Watson Discovery Cartridge contains a vulnerable version of jinja2-3.1.5-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filt...
External Control of System or Configuration Setting
Overview django-stubs is a Mypy stubs for Django Affected versions of this package are vulnerable to External Control of System or Configuration Setting via the inclusion of type stubs for deprecated and insecure password hashers such as MD5PasswordHasher, SHA1PasswordHasher, and...
DEBIAN-CVE-2020-36649
A vulnerability was found in mholt PapaParse up to 5.1.x. It has been classified as problematic. Affected is an unknown function of the file papaparse.js. The manipulation leads to inefficient regular expression complexity. Upgrading to version 5.2.0 is able to address this issue. The name of the...