Vulnerabilities

ID
Packages
Summary
Published
Attributes
BIT-nginx-ingress-controller-2026-3288
  • Bitnami/nginx-ingress-controller
ingress-nginx rewrite-target nginx configuration injection
4 hours ago
  • Fix available
  • Severity - 8.8 (High)
BIT-envoy-2026-26330
  • Bitnami/envoy
Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
4 hours ago
  • Fix available
  • Severity - 7.5 (High)
BIT-envoy-2026-26311
  • Bitnami/envoy
Envoy HTTP: filter chain execution on reset streams causing UAF crash
4 hours ago
  • Fix available
  • Severity - 5.9 (Medium)
BIT-envoy-2026-26310
  • Bitnami/envoy
Crash for scoped ip address in Envoy during DNS
4 hours ago
  • Fix available
  • Severity - 7.5 (High)
BIT-envoy-2026-26309
  • Bitnami/envoy
Envoy has an off-by-one write in JsonEscaper::escapeString()
4 hours ago
  • Fix available
  • Severity - 5.3 (Medium)
BIT-envoy-2026-26308
  • Bitnami/envoy
Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation
4 hours ago
  • Fix available
  • Severity - 8.2 (High)
BIT-appsmith-2026-30862
  • Bitnami/appsmith
Critical Stored XSS & Privilege Escalation in Appsmith
4 hours ago
  • Fix available
  • Severity - 9.0 (Critical)
BIT-parse-2026-30863
  • Bitnami/parse
Parse Server: JWT audience validation bypass in Google, Apple, and Facebook authentication adapters
21 hours ago
  • Fix available
  • Severity - 9.3 (Critical)
BIT-parse-2026-30854
  • Bitnami/parse
Parse Server: GraphQL `__type` introspection bypass via inline fragments when public introspection is disabled
21 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
BIT-parse-2026-30850
  • Bitnami/parse
Parse Server: File metadata endpoint bypasses `beforeFind` / `afterFind` trigger authorization
21 hours ago
  • Fix available
  • Severity - 6.3 (Medium)
BIT-parse-2026-30848
  • Bitnami/parse
Parse Server: `PagesRouter` path traversal allows reading files outside configured pages directory
21 hours ago
  • Fix available
  • Severity - 6.3 (Medium)
BIT-parse-2026-30835
  • Bitnami/parse
Parse Server: Malformed `$regex` query leaks database error details in API response
21 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
BIT-parse-2026-30229
  • Bitnami/parse
Parse Server: Endpoint `/loginAs` allows `readOnlyMasterKey` to gain full read and write access as any user
21 hours ago
  • Fix available
  • Severity - 8.5 (High)
BIT-parse-2026-30228
  • Bitnami/parse
Parse Server: File creation and deletion bypasses `readOnlyMasterKey` write restriction
21 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
BIT-parse-2026-29182
  • Bitnami/parse
Parse Server: Cloud Hooks and Cloud Jobs bypass `readOnlyMasterKey` write restriction
21 hours ago
  • Fix available
  • Severity - 8.6 (High)
BIT-zookeeper-2026-24308
  • Bitnami/zookeeper
Apache ZooKeeper: Sensitive information disclosure in client configuration handling
2 days ago
  • Fix available
  • Severity - 7.5 (High)