5 matches found
Apache Thrift 安全漏洞
Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability, which was caused by improper validation of certificate-hostname mismatches...
UBUNTU-CVE-2026-27953
ormar is a async mini ORM for Python. Versions 0.23.0 and below are vulnerable to Pydantic validation bypass through the model constructor, allowing any unauthenticated user to skip all field validation by injecting "pkonly": true into a JSON request body. By injecting "pkonly": true into a JSON...
AZL-31787 CVE-2023-40660 affecting package opensc for versions less than 0.23.0-4
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock a...
br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0), br.com.labbs:quarkus-monitor-reactive-deployment (=1.0.4) +213 more potentially affected by CVE-2022-4116 via io.quarkus:quarkus-vertx-http-deployment (>=0.23.0 <=2.13.4.Final)
io.quarkus:quarkus-vertx-http-deployment MAVEN version =0.23.0, =0.1.5, =1.5.0-Alpha2, =1.0.0, =1.1.0, =0.0.10, =1.0.0, =1.0.0-RC3, =0.4.0, =0.4.0, =0.4.0, =0.20.0 and more Source cves: CVE-2022-4116 Source advisory: OSV:GHSA-G56W-CWG4-HXX9https://vulners.com/osv/OSV:GHSA...
scikit-learn code issue vulnerability
scikit-learn is an open-source Python-based machine learning package that supports features such as spam detection, image recognition, and prediction of continuous-valued attributes of associations. A code issue vulnerability exists in scikit-learn sklearn 0.23.0 and earlier versions, which can b...