
8 matches found

EUVD
added 2025/10/07 12:30 a.m., 10 views

EUVD-2021-2551

Malware in sbrugna...

CVSS 9.6 | AI score 8.9 | EPSS 0.00977
Exploits: 0 | References: 14

SUSE CVE
added 2023/02/15 3:53 a.m., 3 views

SUSE CVE-2020-26290

Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities that impacts users of the SAML connector. The vulnerabilities enable potential signature bypass due to issues with XML encoding in the underlying Go library...

CVSS 9.6 | AI score 9.5 | EPSS 0.00977
Exploits: 0 | References: 2

OpenVAS
added 2022/07/18 12:0 a.m., 15 views

Fedora: Security Advisory for golang-github-mattermost-xml-roundtrip-validator (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the ...

CVSS 9.3 | AI score 8.9 | EPSS 0.05994
Exploits: 4 | References: 2

RedHat Linux
added 2022/02/21 9:4 a.m., 2 views

ruby: XML round-trip vulnerability in REXML

A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using REXML and writing parsed data back to a new XML document results in creating a document with a different structure. This issue could affect the integrity of processed data in...

CVSS 7.5 | AI score 7.3 | EPSS 0.05061
Exploits: 0 | References: 4

Debian
added 2022/02/03 7:26 p.m., 56 views

[SECURITY] [DSA 5066-1] ruby2.5 security update

Debian Security Advisory DSA-5066-1 (https://www.debian.org/security/), Moritz Muehlenhoff, February 03, 2022 (https://www.debian.org/security/faq) ...

CVSS 7.5 | AI score 8.6 | EPSS 0.05061
Exploits: 4

OSV
added 2021/04/21 7:15 a.m., 5 views

ALPINE-CVE-2021-28965

The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing...

CVSS 7.5 | AI score 7 | EPSS 0.05061
Exploits: 0 | References: 1

RedhatCVE
added 2020/12/17 2:11 a.m., 50 views

CVE-2020-29511

A flaw was found in go. Encoding and decoding of XML elements could lead to changes in the observed integrity. An attacker could use this flaw to trick applications which rely on element integrity for security decisions to make those decisions incorrectly. Known vulnerability use-cases are SAML a...

CVSS 10 | AI score 2 | EPSS 0.04872
Exploits: 1 | References: 5

RedhatCVE
added 2020/12/17 1:26 a.m., 45 views

CVE-2020-29509

A flaw was found in go. Encoding and decoding of XML attributes could lead to changes in the observed integrity. An attacker could use this flaw to trick applications which rely on attribute integrity for security decisions to make those decisions incorrectly. Known vulnerability use-cases are SA...

CVSS 10 | AI score 2.5 | EPSS 0.04872
Exploits: 1 | References: 6