Lucene search
K

4 matches found

Snyk
Snyk
added 2025/10/10 2:24 a.m.2 views

Malicious Package

Overview frontend-metrics-collector-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/04/02 5:24 p.m.3 views

GHSA-3QJF-QH38-X73V Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics

Impact An unauthenticated user can retrieve Prometheus metrics from a publicly reachable Miniflux instance where the METRICSCOLLECTOR configuration option is enabled and METRICSALLOWEDNETWORKS is set to 127.0.0.1/8 the default. Patches PR 1745 fixes the problem. Available in Miniflux = 2.0.43...

7.5CVSS7.2AI score0.00755EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/03/17 12:0 a.m.3 views

PT-2023-21231 · Miniflux · Miniflux

Name of the Vulnerable Software and Affected Versions: Miniflux versions prior to 2.0.43 Description: Miniflux is a feed reader. Prior to version 2.0.43, an unauthenticated user can retrieve Prometheus metrics from a publicly reachable Miniflux instance where the METRICS COLLECTOR configuration...

7.5CVSS7AI score0.00755EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2020/10/06 11:52 p.m.78 views

Low: Red Hat Security Advisory: OpenShift Virtualization 2.4.2 Images

Red Hat OpenShift Virtualization release 2.4.2 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a...

7.5CVSS6.8AI score0.0473EPSS
Exploits0References7
Rows per page
Query Builder