36144 matches found
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CreateCustomVolumeFromBackup process. An attacker can cause the incusd daemon to crash by uploading a crafted backup tarball with a volumesnapshots.expiresat field omitted, leading to a nil pointer...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CreateCustomVolumeFromBackup process. An attacker can cause the incusd daemon to crash by uploading a crafted backup tarball with a volumesnapshots.expiresat field omitted, leading to a nil pointer...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation via improper validation of the compressionalgorithm parameter. An attacker can achieve arbitrary file write and potentially execute arbitrary commands by injecting additional arguments into the compression...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation via improper validation of the compressionalgorithm parameter. An attacker can achieve arbitrary file write and potentially execute arbitrary commands by injecting additional arguments into the compression...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation via improper validation of the compressionalgorithm parameter. An attacker can achieve arbitrary file write and potentially execute arbitrary commands by injecting additional arguments into the compression...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the createDependentVolumesFromBackup process. An attacker can cause the daemon to crash by uploading a crafted backup tarball with a malformed dependentvolumes block containing nil or omitted sub-fields. This...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the createDependentVolumesFromBackup process. An attacker can cause the daemon to crash by uploading a crafted backup tarball with a malformed dependentvolumes block containing nil or omitted sub-fields. This...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the createDependentVolumesFromBackup process. An attacker can cause the daemon to crash by uploading a crafted backup tarball with a malformed dependentvolumes block containing nil or omitted sub-fields. This...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via unsanitized handling of the uploadId parameter in the multipart upload process. An attacker can create arbitrary files on the host system, potentially leading to arbitrary command execution, by...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via unsanitized handling of the uploadId parameter in the multipart upload process. An attacker can create arbitrary files on the host system, potentially leading to arbitrary command execution, by...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via unsanitized handling of the uploadId parameter in the multipart upload process. An attacker can create arbitrary files on the host system, potentially leading to arbitrary command execution, by...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via a crafted symlink in the templates directory during image import or instance backup restoration processes. An attacker can access and modify arbitrary files on the host system, potentially leadi...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via a crafted symlink in the templates directory during image import or instance backup restoration processes. An attacker can access and modify arbitrary files on the host system, potentially leadi...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path via a crafted symlink in the templates directory during image import or instance backup restoration processes. An attacker can access and modify arbitrary files on the host system, potentially leadi...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization through the raw.lxc and raw.qemu hooks when the restricted.containers.lowlevel=block setting is ignored during instance snapshot restoration. An attacker can execute arbitrary commands with root privileges on the...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization through the raw.lxc and raw.qemu hooks when the restricted.containers.lowlevel=block setting is ignored during instance snapshot restoration. An attacker can execute arbitrary commands with root privileges on the...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization through the raw.lxc and raw.qemu hooks when the restricted.containers.lowlevel=block setting is ignored during instance snapshot restoration. An attacker can execute arbitrary commands with root privileges on the...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the record-output process. An attacker can create or overwrite files on the host system by exploiting a crafted symlink in a container image, which can lead to arbitrary command execution...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the record-output process. An attacker can create or overwrite files on the host system by exploiting a crafted symlink in a container image, which can lead to arbitrary command execution...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the record-output process. An attacker can create or overwrite files on the host system by exploiting a crafted symlink in a container image, which can lead to arbitrary command execution...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the rootfs symlink during image extraction. An attacker can gain unauthorized access to sensitive files and perform arbitrary file creation or modification on the host by importing a special...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the rootfs symlink during image extraction. An attacker can gain unauthorized access to sensitive files and perform arbitrary file creation or modification on the host by importing a special...
External Control of File Name or Path
Overview Affected versions of this package are vulnerable to External Control of File Name or Path through the rootfs symlink during image extraction. An attacker can gain unauthorized access to sensitive files and perform arbitrary file creation or modification on the host by importing a special...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the fn-git-create-hook process when a crafted app name containing shell metacharacters is pushed to a git remote. An attacker can execute arbitrary commands as the application user by embedding malicious input in t...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the cron process in the app.json file. An attacker can execute arbitrary commands on the host system by injecting special shell characters into the cron command. Remediation Upgrade...
Missing Authorization
Overview pagekit/pagekit is a modular and lightweight CMS built with Symfony components and Vue.js. Affected versions of this package are vulnerable to Missing Authorization due to missing authorization checks in the saveAction function of UserApiController. An attacker can gain elevated privileg...
Brute Force
Overview payload is a Node, React and MongoDB Headless CMS and Application Framework Affected versions of this package are vulnerable to Brute Force due to insufficient access control in the unlock process. An attacker can regain access to a locked account by exploiting the default unlock...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via the git:from-archive and certs:add processes. An attacker can overwrite arbitrary files on the system by supplying a crafted tar or zip archive containing symlinks that are followed during extraction, potentially...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the image import process. An attacker can interact with internal network infrastructure and perform error-based port scanning by supplying a crafted URL to the /images endpoint, which causes the daemo...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the image import process. An attacker can interact with internal network infrastructure and perform error-based port scanning by supplying a crafted URL to the /images endpoint, which causes the daemo...
Directory Traversal
Overview org.webjars.npm:extract-zip is an unzip a zip file into a directory using 100% javascript Affected versions of this package are vulnerable to Directory Traversal via the extraction process. An attacker can access or modify arbitrary files by crafting a malicious zip archive containing...
Directory Traversal
Overview extract-zip is an unzip a zip file into a directory using 100% javascript Affected versions of this package are vulnerable to Directory Traversal via the extraction process. An attacker can access or modify arbitrary files by crafting a malicious zip archive containing symlinks that poin...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the StaticDirectoryHandler process. An attacker can gain unauthorized access to static files by sending requests with encoded slashes %2F in the URL, which bypasses route-level access controls due to inconsistent...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the StaticDirectoryHandler process. An attacker can gain unauthorized access to static files by sending requests with encoded slashes %2F in the URL, which bypasses route-level access controls due to inconsistent...
Directory Traversal
Overview github.com/labstack/echo/v4/middleware is a middleware package for echo. Affected versions of this package are vulnerable to Directory Traversal via the StaticDirectoryHandler process. An attacker can gain unauthorized access to static files by sending requests with encoded slashes %2F i...
Directory Traversal
Overview github.com/labstack/echo/v5/middleware is a middleware package for echo. Affected versions of this package are vulnerable to Directory Traversal via the StaticDirectoryHandler process. An attacker can gain unauthorized access to static files by sending requests with encoded slashes %2F i...
Unverified Password Change
Overview Affected versions of this package are vulnerable to Unverified Password Change in the OAuth2 authentication module when the password is silently rewritten to the username upon OAuth2 re-login. An attacker can gain unauthorized access to user accounts by authenticating with both the...
Insecure Default Initialization of Resource
Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the MSISDN authentication process. An attacker can gain unauthorized access to arbitrary user sessions by injecting crafted input into the LDAP search filter. This is only exploitable if t...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the inopentelemetry process. An attacker can cause excessive memory consumption by sending a large HTTP request or a highly compressed payload that decompresses to a very large...
Arbitrary Code Injection
Overview Genshi is an A toolkit for generation of output for the web Affected versions of this package are vulnerable to Arbitrary Code Injection via the expression evaluation process. An attacker can execute arbitrary code on the server by submitting specially crafted template expressions...
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the devLXDInstancePatchHandler component. An attacker can mount, read, and overwrite another guest's custom storage volume by sending a crafted device PATCH request over /dev/lxd when...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the snapshot restoration process. An attacker can gain unauthorized root access on the host by importing a specially crafted instance backup containing restricted configuration keys within a snapshot, which ar...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the snapshot restoration process. An attacker can gain unauthorized root access on the host by importing a specially crafted instance backup containing restricted configuration keys within a snapshot, which ar...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the snapshot restoration process. An attacker can gain unauthorized root access on the host by importing a specially crafted instance backup containing restricted configuration keys within a snapshot, which ar...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the CreateCustomVolumeFromBackup process. An attacker can cause the application to crash by submitting a specially crafted backup tarball that omits the expiresat snapshot field. This is only exploitable if t...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free via the model quantization engine. An attacker can access and extract sensitive data from the server's heap memory by sending unauthenticated remote requests. Remediation There is no fixed version for...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the ins3 process. An attacker can cause excessive memory consumption by uploading a highly compressed file that decompresses to a large size, leading to resource exhaustion and...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the outhttp process when untrusted user input is used in the endpoint configuration parameter. An attacker can cause the system to send HTTP requests to arbitrary internal services by manipulating...
Improper Handling of Highly Compressed Data (Data Amplification)
Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the inhttp and inforward plugins when decompressing gzip-compressed data. An attacker can cause excessive memory consumption by sending a highly compressed payload that...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the inmonitoragent process. An attacker can access sensitive internal instance variables, including credentials, by sending HTTP requests to the Monitor Agent API endpoints. The impact...