3 matches found
EUVD-2026-11041
Adobe Commerce versions 2.4.9-alpha3, 2.4.8-p3, 2.4.7-p8, 2.4.6-p13, 2.4.5-p15, 2.4.4-p16 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain limited...
AZL-73192 CVE-2025-68972 affecting package gnupg2 for versions less than 2.4.9-1
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds although an "invalid armor" message is printed...
DEBIAN-CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...