9 matches found
CVE-2026-45080
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...
Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs
Summary Nokogiri v1.14.3 upgrades the packaged version of its dependency libxml2 to v2.10.4 from v2.10.3. libxml2 v2.10.4 addresses the following known vulnerabilities: - CVE-2023-29469: Hashing of empty dict strings isn't deterministic - CVE-2023-28484: Fix null deref in xmlSchemaFixupComplexTyp...
GHSA-PXVG-2QJ5-37JQ Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs
Summary Nokogiri v1.14.3 upgrades the packaged version of its dependency libxml2 to v2.10.4 from v2.10.3. libxml2 v2.10.4 addresses the following known vulnerabilities: - CVE-2023-29469: Hashing of empty dict strings isn't deterministic - CVE-2023-28484: Fix null deref in xmlSchemaFixupComplexTyp...
showdoc .md file upload vulnerability
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 are vulnerable to file uploads, which stem from the lack of effective detection of .md file extensions in the application's file upload feature. An attacker could use this vulnerability to...
Cross site scripting
Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4...
CVE-2022-0946 Stored XSS viva cshtm file upload in star7th/showdoc
Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4...
CVE-2022-0941 Stored XSS due to Unrestricted File Upload in star7th/showdoc
Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4...
CVE-2022-0938
Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4...
CVE-2022-0938 Stored XSS via file upload in star7th/showdoc
Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4...