13 matches found
Improper Encoding or Escaping of Output
Overview org.apache.polaris:polaris-core is an a catalog for data lakes. It provides new levels of choice, flexibility and control over data, with full enterprise security and Apache Iceberg interoperability across a multitude of engines and infrastructure Affected versions of this package are...
EUVD-2025-1934
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-0937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...
ROS-20250307-12
Nomad application orchestrator vulnerability related to customization of wildcard namespace usage. namespace. Exploitation of the vulnerability could allow an attacker acting remotely to bypass ACL policy by allowing reads from other namespaces. ACL policy by allowing reads from other namespaces...
CVE-2025-0937
Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...
CVE-2025-0937
Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...
UBUNTU-CVE-2025-0937
Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...
CVE-2025-0937
Summary: CVE-2025-0937 affects Nomad Community and Nomad Enterprise. An event stream configured with a wildcard namespace can bypass ACL policy, allowing reads from other namespaces. What’s affected: Nomad’s event stream endpoint within Nomad Community and Nomad Enterprise. The underlying issue i...
CVE-2025-0937 Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace
Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...
CVE-2025-0937 Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace
Nomad Community and Nomad Enterprise "Nomad" event stream configured with a wildcard namespace can bypass the ACL Policy allowing reads on other namespaces...
Apache Struts Remote Code Execution Vulnerability
Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't set for a result defined in underlying configurations and in same time, its upper package configuration have no or...
GHSA-CR6J-3JP9-RW65 Apache Struts vulnerable to remote command execution (RCE) due to improper input validation
Apache Struts contains a Remote Code Execution when using results with no namespace and it's upper actions have no or wildcard namespace. The same flaw exists when using a url tag with no value, action set, and it's upper actions have no or wildcard namespace...
BSA-2018-700
Security Advisory ID : BSA-2018-700 Component : Apache Struts 2 Revision : 1.0: Final Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace and in same time, its upper actions have no or wildcard namespace. Same...