Tuesday, July 2, 2024 Security Releases
Summary The Node.js project will release new versions of the 22.x, 20.x, 18.x releases lines on or shortly after, Tuesday, July 2, 2024 in order to address: 1 high severity issues. 2 medium severity issues. 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...
7AI Score
homerenovationnation.com Cross Site Scripting vulnerability OBB-3939748
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
calellabarcelona.com Cross Site Scripting vulnerability OBB-3939747
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
northampton.ac.uk Cross Site Scripting vulnerability OBB-3939745
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
animalbulgaria.com Cross Site Scripting vulnerability OBB-3939742
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
himalaya.bg Cross Site Scripting vulnerability OBB-3939741
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
sunydutchess.edu Cross Site Scripting vulnerability OBB-3939740
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
ecc.edu Cross Site Scripting vulnerability OBB-3939739
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
documentos.femp.es Cross Site Scripting vulnerability OBB-3939738
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
dna.macrogen-singapore.com Cross Site Scripting vulnerability OBB-3939737
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
cfmine.com Cross Site Scripting vulnerability OBB-3939736
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
jswcarsales.co.uk Cross Site Scripting vulnerability OBB-3939734
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
bodylinesports.co.in Cross Site Scripting vulnerability OBB-3939735
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
siamenamel.com Cross Site Scripting vulnerability OBB-3939733
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
liveincarejobs.co.uk Cross Site Scripting vulnerability OBB-3939732
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
opjak.cz Cross Site Scripting vulnerability OBB-3939731
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
cit.iec.cat Cross Site Scripting vulnerability OBB-3939730
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
web.math.arizona.edu Cross Site Scripting vulnerability OBB-3939729
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
placement.aom.org Cross Site Scripting vulnerability OBB-3939727
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
nerdtests.com Cross Site Scripting vulnerability OBB-3939725
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
op-vk.cz Cross Site Scripting vulnerability OBB-3939724
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
pentremotors.co.uk Cross Site Scripting vulnerability OBB-3939723
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
waterfrontmotors.co.uk Cross Site Scripting vulnerability OBB-3939722
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
myuni.glyndwr.ac.uk Cross Site Scripting vulnerability OBB-3939721
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
opvavpi.cz Cross Site Scripting vulnerability OBB-3939720
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, kots, metacontroller, kpt, nginx-mainline, conftest, external-dns, pulumi-language-dotnet, flux-source-controller, tomcat, amass, istio-envoy, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,...
7.5CVSS
9AI Score
0.732EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: fulcio, filebeat, opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, gcsfuse, karpenter, metacontroller, kpt, conftest, prometheus-pushgateway, external-dns, pulumi-language-dotnet, rclone, rekor, doppler-kubernetes-operator,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: buildkitd, k9s, grype, kots, docker, k3d, runc, kubescape, trivy, zarf, skaffold, telegraf, k3s, kubernetes, kaniko, nvidia-device-plugin, nerdctl, datadog-agent, cadvisor, newrelic-infrastructure-agent, ctop, skopeo, ingress-nginx-controller, zot, syft,...
8.6CVSS
9.2AI Score
0.051EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: cilium-cli, grype, kots, eksctl, tekton-pipelines, gitness, neuvector-agent, kubevela, k3d, flux-source-controller, kubescape, trivy, skaffold, up, telegraf, flux-helm-controller, melange, kaniko, cert-manager, helm-push, helm, newrelic-infrastructure-agent, ctop,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.8AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: harbor-registry, timoni, docker-cli, minify, mods, sbom-scorecard, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, aactl, cadvisor, tkn, certificate-transparency,...
6.8AI Score
0.0004EPSS
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: harbor-registry, timoni, minify, mods, sbom-scorecard, opa, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, wgcf, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, octo-sts, aactl, kube-vip, cadvisor, age, tkn,...
5.5CVSS
6.1AI Score
0.0004EPSS
Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,....
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: bom, filebeat, dagger, buildkitd, kyverno, k9s, cosign, timoni, loki, kots, eksctl, crane, tekton-pipelines, docker-credential-gcr, kubevela, kubescape, traefik, trivy, zarf, k8sgpt, skaffold, up, guac, gitsign, telegraf, vexctl, goreleaser, tekton-chains,...
7.8CVSS
7.5AI Score
0.001EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: fulcio, filebeat, opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, gcsfuse, karpenter, metacontroller, kpt, conftest, prometheus-pushgateway, external-dns, pulumi-language-dotnet, rclone, rekor, doppler-kubernetes-operator,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: harbor-registry, timoni, docker-cli, minify, mods, sbom-scorecard, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, aactl, cadvisor, tkn, certificate-transparency,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: harbor-registry, timoni, minify, mods, sbom-scorecard, opa, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, wgcf, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, octo-sts, aactl, kube-vip, cadvisor, age, tkn,...
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, amass, mc, aws-efs-csi-driver,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, kots, metacontroller, kpt, nginx-mainline, conftest, external-dns, pulumi-language-dotnet, flux-source-controller, tomcat, amass, istio-envoy, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.8AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.8AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: gops, nri-nginx, filebeat, opentofu, buildkitd, prometheus-bind-exporter, vt-cli, terraform, shfmt, timoni, docker-cli, gcsfuse, dask-gateway, kpt, prometheus-pushgateway, mage, external-dns, sbom-scorecard, doppler-kubernetes-operator, nri-discovery-kubernetes,...
7.5AI Score
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: harbor-registry, timoni, minify, mods, sbom-scorecard, opa, dockerize, paranoia, kube-bench, neuvector-sigstore-interface, wgcf, prometheus-postgres-exporter, spegel, tekton-chains, thanos, nvidia-device-plugin, octo-sts, aactl, kube-vip, cadvisor, age, tkn,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, mc, aws-efs-csi-driver, kubernetes-csi-external-attacher,....
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: opentofu, buildkitd, prometheus-bind-exporter, terraform, timoni, kots, karpenter, metacontroller, kpt, prometheus-pushgateway, external-dns, pulumi-language-dotnet, flux-source-controller, prometheus-operator, amass, mc, aws-efs-csi-driver,...
7.5AI Score