Résumé
MCPVault: PathFilter restricted-directory deny-list bypass via case and trailing dot/space equivalence
Références
Vulnérabilités liées
Tout Supply chain →- LOWGHSA-CF98-J28V-49V6
OpenFGA Improper Policy Enforcement
- MEDIUMGHSA-8XPQ-CJCF-3WH9
Deno: Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)
- MEDIUMGHSA-Q59X-JC9F-GFQF
Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints
- MEDIUMGHSA-5739-39V2-5754
PHP JWT Library: RSA1_5 (RSAES-PKCS1-v1_5) decryption lacks implicit rejection, exposing a Bleichenbacher/Marvin padding oracle
- HIGHGHSA-JC38-X7X8-2XC8
PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks
- HIGHGHSA-3PRJ-6HQW-CM82
PHP JWT Library: PBES2-HS*+A*KW unwrap accepts an unbounded p2c iteration count, enabling CPU-amplification denial of service