CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.
https://github.com/ckan/ckan/security/advisories/GHSA-2rqw-cfhc-35fh
https://github.com/ckan/ckan/commit/f6b032cd7082d784938165bbd113557639002ca7
Description A vulnerability was found in code-projects Crud Operation System 1.0. It has been classified as critical. This affects an
Description ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function. References https://mind-bytes.de/sql-injection-in-foss-online-cve-2024-34334/
Description A mishandling of IRP requests vulnerability exists in the HDAudBus_DMA interface of Microsoft High Definition Audio Bus Driver 10.0.19041.3636