BIT-GOLANG-2020-7919

Go before 1.12.16 and 1.13.x before 1.13.7 and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go allows attacks on clients resulting in a panic via a malformed X.509 certificate...

PT-2022-5137 · D-Bus +10 · D-Bus +10

Name of the Vulnerable Software and Affected Versions: D-Bus versions 1.12.24 and earlier, 1.13.x, 1.14.x before 1.14.4, and 1.15.x before 1.15.2 Description: An issue was discovered in D-Bus where an authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when...

CVE-2019-19901

An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying certain block descriptions created by administrators. An attacker could potentially craft a specialized description, then have an administrator execute...

CVE-2019-19900

An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't sufficiently filter output when displaying content type names in the content creation interface. An attacker could potentially craft a specialized content type name, then have an editor execute...

Design/Logic Flaw

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling...

Google Go Environmental Issues Vulnerability

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. An environment issue vulnerability exists in Google Go versions prior to 1.12.10 and 1.13.x prior to 1.13.1, which can be exploited by an attacker to bypass filters or perform a...

Kubernetes 1.11.x < 1.11.9 / 1.12.x < 1.12.7 / 1.13.x < 1.13.5 kubectl directory traversal

The version of Kubernetes installed on the remote host is version 1.11.x prior to 1.11.9, 1.12.x prior to 1.12.7 or 1.13.x prior to 1.13.5. It is, therefore, affected by a directory traversal vulnerability in the kubectl cp command due to mishandling of symlinks when copying files from a running...