10 matches found
CVE-2025-68437 Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation
Craft is a platform for creating digital experiences. In versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, the Craft CMS GraphQL saveAsset mutation is vulnerable to Server-Side Request Forgery SSRF. This vulnerability arises because the file input, specifically its url parameter,...
EUVD-2022-3689
Malicious code in bioql PyPI...
Kubernetes CSI Sidecar Containers Can Allow Unauthorized Data Access
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
GHSA-F4W6-3RH6-6Q4Q Kubernetes CSI Sidecar Containers Can Allow Unauthorized Data Access
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
CVE-2019-11255
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
CVE-2019-11255
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
Input validation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
CVE-2019-11255 Kubernetes CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation
Improper input validation in Kubernetes CSI sidecar containers for external-provisioner v0.4.3, v1.0.2, v1.1, v1.2.2, v1.3.1, external-snapshotter v0.4.2, v1.0.2, v1.1, 1.2.2, and external-resizer v0.1, v0.2 could result in unauthorized PersistentVolume data access or volume mutation during...
CVE-2019-11255
Technical details for CVE-2019-11255 are not publicly available in the provided documents. Monitor for updates in the official sources to obtain affected components, root cause, impact, and remediation.