VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1726 advisories across 32 monitored vendors.
zero initialize struct iphdr in dummy sk_buff. Red Hat rates this low (CVSS 5.5). Weakness: CWE-824.
reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb. Red Hat rates this moderate (CVSS 6.4). Weakness: CWE-1284.
use generic driver_override infrastructure. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-413.
fix deadlock in remain-on-channel. Red Hat rates this low (CVSS 5.5). Weakness: CWE-833.
handle rbtree insertion error in decode_choose_args(). Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-617.
join hook list via splice_list_rcu() in commit phase. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-821.
Set the mhdp connector earlier in atomic_enable(). Red Hat rates this low (CVSS 5.5). Weakness: CWE-824.
dm cache: fix dirty mapping checking in passthrough mode switching. Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-367.
prevent NULL pointer dereference during unmount. Red Hat rates this low (CVSS 5.5). Weakness: CWE-825.
Fix stale offload->prog pointer after constant blinding. Red Hat rates this moderate (CVSS 6.7). Weakness: CWE-825.
Fix potential out-of-bounds access in osdmap_decode(). Red Hat rates this moderate (CVSS 5.5). Weakness: CWE-1284.
Python tarfile module: Denial of Service via improper EOF handling in streaming mode. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-835. Red Hat lists fixing advisory RHSA-2026:35813 with package python3-11-main-3.11.15-4.4.hum1, python3-14-main-3.14.6-1.2.hum1, python3-13-main-3.13.14-1.2.hum1, python3-12-main-3.12.13-3.3.hum1.
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, UnwrappedPropertyHandler.processUnwrappedCreatorProperties() replays buffered JSON into creator parameters but never consults prop.visibleInView(activeView). The normal property-based creator path gates creator properties on the active view, but this unwrapped-creator replay path bypasses that check, so a constructor parameter annotated with both @JsonView(AdminView.class) and @JsonUnwrapped is populated from attacker JSON even when a more restrictive view is active. This vulnerability is fixed in 2.21.4 and 3.1.4. This vulnerability allows a remote attacker to bypass security view restrictions by sending specially crafted JSON (JavaScript Object Notation) data. The UnwrappedPropertyHandler component, which processes unwrapped properties, incorrectly populates constructor parameters that should be hidden by an active security view. This can lead to unauthorized information disclosure or data manipulation. When processing unwrapped creator properties, the component fails to properly enforce @JsonView annotations, enabling sensitive constructor parameters to be populated from untrusted JSON data. Red Hat severity: Moderate — CVSS 6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N). Weakness: CWE-639.
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddress(host, port), which performs eager DNS name resolution for hostname inputs at deserialization time. An application that binds untrusted JSON into a type containing an InetSocketAddress field issues an attacker-chosen DNS query during readValue, before any application-level validation or connect logic. The fix uses InetSocketAddress.createUnresolved(host, port), deferring DNS to an explicit connect. This vulnerability is fixed in 2.18.8, 2.21.4, and 3.1.4. A flaw was found in jackson-databind, a library used for processing JSON data. This vulnerability allows a remote attacker to force the application to perform an attacker-chosen DNS (Domain Name System) query. This occurs when untrusted JSON input containing specific network address information is processed, potentially leading to the disclosure of sensitive network configuration details. Moderate: A flaw in `jackson-databind` can lead to information disclosure in Red Hat products that process untrusted JSON input. This eager DNS resolution occurs before application-level validation, potentially revealing internal network configuration details through DNS logs.
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual(), per-property @JsonIgnoreProperties exclusions are applied by _handleByNameInclusion(), producing a contextual deserializer whose BeanPropertyMap has the ignored properties removed. The subsequent per-property case-insensitivity block (triggered by @JsonFormat(ACCEPT_CASE_INSENSITIVE_PROPERTIES)) rebuilds from this._beanProperties (the original, unfiltered map) instead of contextual._beanProperties, then overwrites the filtered map — restoring every property _handleByNameInclusion had just removed. This vulnerability is fixed in 2.18.9, 2.21.5, and 3.1.4. This vulnerability occurs in the data-binding functionality where properties intended to be ignored are incorrectly restored and become writable again. An attacker could potentially exploit this by providing input that modifies data through these supposedly ignored properties. This could lead to unintended changes in application data, impacting data integrity. This is a Moderate impact flaw in jackson-databind where applications enabling case-insensitive property matching alongside per-property @JsonIgnoreProperties may inadvertently expose fields to unauthorized modification.
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, POJOPropertiesCollector._renameProperties() allows a property with @JsonProperty("renamed") on the getter and @JsonIgnore on the setter to be renamed rather than dropped. With MapperFeature.INFER_PROPERTY_MUTATORS enabled (default), the private backing field is retained; during deserialization BeanDeserializerFactory.addBeanProps() sees hasField()==true, builds a FieldProperty, and makes the backing field writable. An attacker supplying the renamed JSON key writes the backing field directly, bypassing the @JsonIgnore on the setter. This vulnerability is fixed in 3.1.4. This vulnerability allows a remote attacker to bypass security controls by exploiting an issue in how properties are handled when both @JsonProperty (for renaming) and @JsonIgnore (for ignoring) annotations are used. By supplying a specially crafted JSON key, an attacker can directly write to a private data field, circumventing the intended security restrictions and potentially leading to unexpected data modification. Moderate: This flaw in jackson-databind allows for property tampering and mass assignment in Red Hat products. Red Hat severity: Moderate — CVSS 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Weakness: CWE-915.
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, in BeanDeserializer._deserializeUsingPropertyBased, the active-view (@JsonView) filter was applied only to creator properties; the regular property-buffering branch performed no prop.visibleInView(activeView) check. A change making SetterlessProperty.isMerging() return true routed setterless Collection/Map properties through this unguarded path, so a setterless collection annotated with a restricted @JsonView is populated from attacker JSON even when the active view excludes it. This vulnerability is fixed in 2.21.4 and 3.1.4. A remote attacker can exploit this vulnerability due to an issue in how active-view (@JsonView) filters are applied. This can lead to information disclosure, allowing an attacker to access data that should otherwise be restricted. Moderate: A flaw in jackson-databind allows for information disclosure and an access-control bypass. This occurs because the `@JsonView` filter, intended to restrict data visibility, is not correctly applied to setterless collection and map properties during deserialization. An attacker could exploit this to populate view-restricted properties from untrusted JSON, potentially accessing sensitive data that should be excluded by the active view.
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported nginx.ingress.kubernetes.io/auth-type and auth-secret annotations, but the referenced auth Secret cannot be resolved or parsed, Traefik logs the resolution error, skips installing the authentication middleware, and still emits a router to the backend service. A route that operators intended to protect is therefore published to the data plane without its authentication control, allowing unauthenticated access to the backend. The trigger is an invalid or unresolved auth dependency — a missing, malformed, unreadable, or policy-denied Secret — rather than an intentionally unprotected route. This vulnerability is fixed in 3.7.5. This allows unauthenticated access to backend services that were intended to be protected, potentially exposing sensitive information or functionality. Red Hat severity: Low — CVSS 4.4 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). Weakness: CWE-166. Affected Red Hat products: Red Hat OpenShift Dev Spaces. Red Hat does not currently list a fixing RHSA for this CVE.
Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from input strings. Certain malformed HTML, such as <<>img src=x onerror=alert()>, can bypass the tag-stripping logic, potentially leaving dangerous content in the output if it is later rendered as HTML. This may allow client-side XSS in cases where untrusted strings are rendered unsafely. This vulnerability is fixed in 2.11.4. This oversight allows dangerous content to remain in the output, which, if subsequently rendered as HTML, can lead to client-side Cross-Site Scripting (XSS). A remote attacker could exploit this by providing specially crafted input, potentially executing malicious scripts in a user's browser. Caddy's stripHTML template function fails to reliably strip malformed HTML, which can lead to client-side XSS if untrusted input is rendered through Caddy's `templates` directive. Exploitation requires the `templates` directive to be enabled in a Caddyfile with a template that calls stripHTML on untrusted input; Caddy deployments that only use `file_server` for static asset serving never reach the vulnerable function.
When using the "configparser" module to write configuration files containing multi-line text values with carriage return characters (\r) the resulting file could be injected with unexpected keys and values if the attacker controls the written value. This occurs if the input contains multi-line text with carriage return characters, leading to potential configuration manipulation. Red Hat severity: Moderate — CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N). Weakness: CWE-93. Affected Red Hat products: Red Hat Enterprise Linux 8. Red Hat does not currently list a fixing RHSA for this CVE.