KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the CloudCore Router does not ...
July 11, 2022
### Impact The CloudCore Router does not impose a limit on the size of responses to requests made by the REST handler. An attacker could use this weakness to make a request that will return an HTTP re ...
July 11, 2022
Welcome to the first in a new series of blog posts about Qualys integrations. This first blog in the series covers our integrations as they relate to CMDB Sync, which is a part of [Qualys CyberSecuri ...
July 11, 2022
### Impact go-ipfs nodes crash when trying to import certain malformed CAR files due to an issue in the go-car dependency. This impacts nodes running `ipfs dag import` on untrusted user inputs, for ex ...
July 11, 2022
### Impact An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tri ...
July 11, 2022
### Impact **Versions impacted** * `=` [email protected] * `>=` [email protected] **Description of user-facing changes** ***[email protected]*** imposes a fixed maximum header length and section length of 32 ...
July 11, 2022
UnsafeAccessor (UA) is a bridge to access jdk.internal.misc.Unsafe & sun.misc.Unsafe. Normally, if UA is loaded as a named module, the internal data of UA is protected by JVM and others can only a ...
July 11, 2022
# Description In the `login` API, by default, the IP address will be blocked when the user tries to log in incorrectly more than 5 times, but we can bypass this mechanism by abusing the `X-Forwarded-For` heade ...
July 11, 2022