10 matches found
EUVD-2023-30293
Malicious code in bioql PyPI...
CVE-2023-26493
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
Command injection
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493 Command Injection in Cocos Engine workflow
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493 Command Injection in Cocos Engine workflow
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493
The CVE-2023-26493 case affects Cocos Engine and concerns a command-injection risk in the repository’s web-interface-check.yml workflow. The vulnerability arises when a pull request triggers a workflow containing the user-controlled field (${ { github.head_ref } }), enabling an attacker to potent...
CVE-2023-26493 Command Injection in Cocos Engine workflow
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
PT-2023-20683 · Unknown · Cocos Engine
Name of the Vulnerable Software and Affected Versions: Cocos Engine affected versions not specified Description: The issue concerns a command injection vulnerability in the web-interface-check.yml file of the Cocos Engine GitHub repository. This file was triggered by pull requests and contained a...
Cocos Engine 命令注入漏洞
Cocos Engine by China's Xiamen Yaji is an open source framework for building 2D and 3D real-time rendered and interactive content. Cocos Engine suffers from a command injection vulnerability that stems from the presence of command injection, which can be exploited by an attacker to run custom...