10 matches found
EUVD-2023-30293
Malicious code in bioql PyPI...
CVE-2023-26493
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
Command injection
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493 Command Injection in Cocos Engine workflow
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493
The CVE-2023-26493 case affects Cocos Engine and concerns a command-injection risk in the repository’s web-interface-check.yml workflow. The vulnerability arises when a pull request triggers a workflow containing the user-controlled field (${ { github.head_ref } }), enabling an attacker to potent...
CVE-2023-26493 Command Injection in Cocos Engine workflow
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
CVE-2023-26493 Command Injection in Cocos Engine workflow
Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...
Cocos Engine 命令注入漏洞
Cocos Engine by China's Xiamen Yaji is an open source framework for building 2D and 3D real-time rendered and interactive content. Cocos Engine suffers from a command injection vulnerability that stems from the presence of command injection, which can be exploited by an attacker to run custom...
PT-2023-20683 · Unknown · Cocos Engine
Name of the Vulnerable Software and Affected Versions: Cocos Engine affected versions not specified Description: The issue concerns a command injection vulnerability in the web-interface-check.yml file of the Cocos Engine GitHub repository. This file was triggered by pull requests and contained a...