8 matches found
EUVD-2024-3124
Malicious code in bioql PyPI...
EUVD-2025-0182
Malicious code in bioql PyPI...
CVE-2025-24783
UNSUPPORTED WHEN ASSIGNED: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Apache Cocoon. This issue affects Apache Cocoon: all versions. When a continuation is created, it gets a random identifier. Because the random number generator used to generate these...
Cocoon Security Vulnerability
Cocoon is a simple and reliable security repository from individual developer Alexander Fadeev. A security vulnerability exists in Cocoon versions prior to 0.4.0 that stems from the easy reuse of nonce/key pairs in encryption, which allows an attacker to generate the same ciphertext by creating...
PT-2023-31312 · Apache · Apache Cocoon
Name of the Vulnerable Software and Affected Versions: Apache Cocoon versions 2.2.0 through 2.2.x before 2.3.0; Apache Cocoon version 2.2.0. Description: The issue is related to an Improper Restriction of XML External Entity Reference, which allows users to inject malicious code into XML documents...
reef (>=0.0.46 <=0.0.82) potentially affected by CVE-2024-21530 via cocoon (>=0.2.5 <=0.3.3)
cocoon CARGO version =0.2.5, =0.0.46, =0.0.82 Source cves: CVE-2024-21530 Source advisory: OSV:GHSA-6878-6WC2-PF5H...
PT-2023-32941 · Cocoon · Cocoon
Name of the Vulnerable Software and Affected Versions: cocoon versions prior to 0.4.0. Description: The issue is related to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate the same ciphertext by creating a new...
[NEWS] Apache Cocoon Directory Traversal Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com