GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Netflix → Security Bulletins

Netflix / Security Bulletins

Security Bulletins that relate to Netflix Open Source

Labels

security

Security Bulletins

Below are notifications for security and privacy events within Netflix Open Source applications.

Date Type Subject
March 10, 2021 Important Critical Vulnerability Exposing Private Keys in Lemur
December 08, 2020 Important SpEL Template injection on Netflix Spinnaker
November 6, 2020 Important Multiple Access Control Issues in Dispatch
November 6, 2020 Important Multiple XSS Vulnerabilities in Dispatch
August 27, 2020 Important Authenticated Server-Side Request Forgery in Orca Spinnaker
March 05, 2020 Important Server-Side Template Injection in Netflix Titus
February 24, 2020 Important Server-Side Template Injection in Netflix Conductor
June 20, 2019 Informational Dial Reference code implementation has Denial of Service
January 10, 2018 Important Unauthenticated Server-Side Request Forgery in Hystrix-Dashboard
April 14, 2017 Important Spinnaker Orca RCE and arbitrary file and URL access
August 31, 2016 Important zuul.filter.admin.enabled Defaults to True
June 6, 2016 Important Heap Overflow in Dynomite YAML Configuration Parser
February 22, 2015 Important External Entity Injection 'XXE' in Recipes-rss Open-Source Application

Below are notifications for security vulnerabilities in third-party software.

Date Type Subject
August 13, 2019 Important HTTP/2 Denial of Service Advisory
June 17, 2019 Important Linux and FreeBSD Kernel: Multiple TCP-based remote denial of service vulnerabilities

Unfortunately we are not able to address software support issues in this repository. Please contact the upstream project instead.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].