6 matches found
0perator (>=0.1.0 <=0.3.0), 0pflow (>=0.1.0 <=0.1.0-dev.f5622ac) +1435 more potentially affected by CVE-2026-44902 via @opentelemetry/auto-instrumentations-node (>=0.16.0 <=0.74.0)
@opentelemetry/auto-instrumentations-node NPM version =0.16.0, =0.1.0, =0.1.0, =0.0.1, =0.8.0, =1.0.5, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.2.0, =0.2.0, =0.0.1, =0.3.4, =0.1.0, =0.4.0, =0.4.0, =0.4.0, =5.0.1-staging.f17326334 and more Source cves: CVE-2026-44902...
GHSA-74VM-8FRP-7W68 EPyT-Flow vulnerable to unsafe JSON deserialization (__type__)
Impact EPyT-Flow’s REST API parses attacker-controlled JSON request bodies using a custom deserializer myloadfromjson that supports a type field. When type is present, the deserializer dynamically imports an attacker-specified module/class and instantiates it with attacker-supplied arguments. Thi...
Pomerium 安全漏洞
Pomerium is an open source identity-aware access agent from the U.S. company Pomerium. It is used to enable secure access to internal applications. A security vulnerability exists in Pomerium that stems from the fact that in a distributed services model, Pomerium's authentication service exposes...
abd-clam (>=0.10.0-dev0 <=0.12.1), adbc_core (=0.14.0) +290 more potentially affected by unknown CVE via arrow (>=0.16.0 <=5.5.0)
arrow CARGO version =0.16.0, =0.10.0-dev0, =0.6.0, =0.6.0, =0.2.0, =0.4.0, =0.3.0, =0.2.0, =2.0.0, =0.2.0, =0.1.0, =0.2.0 - arrow-graph-core =0.1.0 - arrow-graph-git =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0116...
Eclipse Theia 注入漏洞
Eclipse Theia is the Eclipse Foundation's set of Visual Studio Code-based open source integrated development environment for desktop and Web applications framework. An injection vulnerability exists in Eclipse Theia 0.16.0 and earlier versions, which stems from the absence of HTML escaping in...
Ruby Net::LDAP gem SSL Certificate Validation Vulnerability
Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto.Net::LDAP aka net-ldap gem is one of the lightweight directory access modules. A security vulnerability exists in the Ruby Net::LDAP gem prior to version...