52 matches found
CVE-2025-66214
Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...
CVE-2025-66214
Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...
CVE-2025-66214
CVE-2025-66214 describes a Java deserialization vulnerability in Ladybug before version 3.0-20251107.114628. The affected component exposes the API endpoints /iaf/ladybug/api/report/{storage} and /iaf/ladybug/api/report/upload, which accept gzip-compressed XML files with user-controllable content...
CVE-2025-66214 Ladybug has an XMLDecoder Deserialization Vulnerability (Java RCE)
Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...
CVE-2025-66214 Ladybug has an XMLDecoder Deserialization Vulnerability (Java RCE)
Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...
EUVD-2025-202310
Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...
CVE-2025-66214 Ladybug has an XMLDecoder Deserialization Vulnerability (Java RCE)
Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...
PT-2025-50222
Name of the Vulnerable Software and Affected Versions Ladybug versions prior to 3.0-20251107.114628 Description Ladybug is a tool that adds message-based debugging, unit, system, and regression testing to Java applications. The software contains the API endpoints /iaf/ladybug/api/report/storage a...
Ladybug debug 安全漏洞
Ladybug debug is an open source debugging and testing tool from WeAreFrank! A security vulnerability exists in versions prior to Ladybug debug 3.0-20251107.114628, which stems from a deserialization vulnerability that could lead to remote code execution...
EUVD-2025-117139
Malicious code in racial-chocolate-ladybug npm...
MAL-2025-127864 Malicious code in judicial_ladybug_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b71dbf43f1563ef2dd614bf2be96da97d42c0aa42690787cc9001dabb04d955f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-100322
Malicious code in compactladybugz3n npm...
EUVD-2025-100294
Malicious code in comprehensiveladybugz3n npm...
EUVD-2025-106691
Malicious code in agriculturalladybugz3n npm...
EUVD-2025-95438
Malicious code in revolutionaryladybugz3n npm...
MAL-2025-118627 Malicious code in agricultural_ladybug_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b04d7434b88561007b4736420c58c0d70e998f16c03c78bbf8f0f89838ae498 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-105988
Malicious code in convincingladybugz3n npm...
EUVD-2025-87839
Malicious code in wealthyladybugz3n npm...
MAL-2025-113209 Malicious code in conservation_ladybug_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d62a0fd6e97db115f4ce79e531a4e782382b6536d287d5a34a730666894839e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-92675
Malicious code in conservationladybugz3n npm...