8 matches found
Atlassian Jira Service Management Data Center and Server 10.3.0 < 10.3.13 / 11.0.x < 11.2.1 / 11.3.0 (JSDSERVER-16480)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16480 advisory. - Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30....
MAL-2025-192395 Malicious code in libxmlrussia (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09a896cf7e2a9565c72e2dbea89306401102334fe016a8819be5ab476cff9d8e The package libxmlrussia was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in libxmlussr1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53a26137f4b62749b9f491cb82c0c0f9d95f0fa03f7dcd2e8067b39b5de0e005 The package libxmlussr1 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-192427 Malicious code in libxmlussr1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53a26137f4b62749b9f491cb82c0c0f9d95f0fa03f7dcd2e8067b39b5de0e005 The package libxmlussr1 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-192388 Malicious code in libxmljs2varaboba (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5238325d9c28808a2213c9d93413847ccb8a9989720c91a2e6f8b161947fda0 The package libxmljs2varaboba was found to contain malicious code. Source: ossf-package-analysis...
UBUNTU-CVE-2025-58754
Axios is a promise based HTTP client for the browser and Node.js. When Axios starting in version 0.28.0 and prior to versions 0.30.2 and 1.12.0 runs on Node.js and is given a URL with the data: scheme, it does not perform HTTP. Instead, its Node http adapter decodes the entire payload into memory...
zhmc-prometheus-exporter (=0.6.1), zhmccli (=0.21.2) potentially affected by CVE-2024-53865 via zhmcclient (=0.30.2)
zhmcclient PYPI version =0.30.2 is affected by a known vulnerability. The following packages have a transitive dependency on zhmcclient and may be impacted: - zhmc-prometheus-exporter =0.6.1 - zhmccli =0.21.2 Source cves: CVE-2024-53865 Source advisory: OSV:GHSA-P57H-3CMC-XPJQ...
PT-2024-40441 · Datadog · Datadog/Dd-Trace
Name of the Vulnerable Software and Affected Versions: datadog/dd-trace versions 0.30.0 through 0.30.1 Description: The issue concerns a security and stability problem where the ddtrace.request init hook was not properly bound by the open basedir INI directive, potentially leading to...