Fedora 44 : editorconfig (2026-4fb6f57673)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4fb6f57673 advisory. Update to 0.12.11: security fix for CVE-2026-40489. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

OESA-2026-2260 editorconfig security update

EditorConfig makes it easy to maintain the correct coding style when switching between different text editors and between different projects. The EditorConfig project maintains a file format and plugins for various text editors which allow this file format to be read and used by those editors...

OESA-2026-2259 editorconfig security update

EditorConfig makes it easy to maintain the correct coding style when switching between different text editors and between different projects. The EditorConfig project maintains a file format and plugins for various text editors which allow this file format to be read and used by those editors...

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

CVE-2026-40489

CVE-2026-40489 affects editorconfig-core-c. Versions ≤ 0.12.10 have a stack-based buffer overflow in ec_glob() that can crash an application using libeditorconfig when given a crafted directory and .editorconfig file; this is an incomplete fix for CVE-2023-0341. The issue relates to the pcre_str ...

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

Linux Distros Unpatched Vulnerability : CVE-2026-40489

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based...

Security update for gstreamer-plugins-rs

This update for gstreamer-plugins-rs fixes the following issues: Update to version 0.12.11 jscPED-13826: CVE-2024-32650: Fixed infinite loop in rustls::conn::ConnectionCommon:completeio with proper client input bsc1223219. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:03629-1 Security update for gstreamer-plugins-rs

This update for gstreamer-plugins-rs fixes the following issues: Update to version 0.12.11 jscPED-13826: - CVE-2024-32650: Fixed infinite loop in rustls::conn::ConnectionCommon:completeio with proper client input bsc1223219...

CVE-2022-2024 OS Command Injection in gogs/gogs

OS Command Injection in GitHub repository gogs/gogs prior to 0.12.11...

PT-2023-12641 · Gogs · Gogs

Name of the Vulnerable Software and Affected Versions: gogs/gogs versions prior to 0.12.11 Description: The issue allows a malicious user to update a crafted config file into a repository's .git directory, in combination with crafted file deletion, to gain SSH access to the server on...

CVE-2020-36660 paxswill EVE Ship Replacement Program User Information api.py information disclosure

A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may ...

CVE-2020-36660 paxswill EVE Ship Replacement Program User Information api.py information disclosure

A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may ...

evesrp 信息泄露漏洞

evesrp is an application by Will Ross personal developer. Designed to facilitate the Ship Replacement SRP or Reimbursement Program in the game EVE Online. An information disclosure vulnerability exists in evesrp version 0.12.11. An attacker exploiting this vulnerability could gain access to...