5832 matches found
Takeaways From The Take Command Summit: Navigating Modern SOC Challenges
At our recent Take Command summit, experts delved into the pressing challenges faced by SOC teams. With 2,365 more data breaches in 2023 than in 2022 74% of which were a direct result of cyber attacks, the need for robust security operations has never been greater. Key takeaways from the 25 minut...
CVE-2024-39305 Envoy Proxy use after free when route hash policy is configured with cookie attributes
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
MAL-2024-7048 Malicious code in @yu-life/react-native-yu-watch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 461986fa4cbfe6bda33bdb99901a4c0f05e00934b4a3c5b529f1236dba9d4b1b The OpenSSF Package Analysis project identified '@yu-life/react-native-yu-watch' @ 1.0.1 npm as malicious. It is considered malicious because: -...
Malicious code in NServіcеBus.SqlServer.Native (NuGet)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4575 Malicious code in NServісеBus.SqlServеr.Native (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in usaa-native-bridge (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-3802 Malicious code in usaa-native-bridge (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in onewelcome-react-native-sdk (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2794 Malicious code in onewelcome-react-native-sdk (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in mobile-auth-library-react-native (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2667 Malicious code in mobile-auth-library-react-native (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in cameo-react-native-share-story (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-1858 Malicious code in cameo-react-native-share-story (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in axle-react-native-common-dependencies (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in axle-react-native-app-sync-client (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-1793 Malicious code in axle-react-native-app-sync-client (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-1794 Malicious code in axle-react-native-common-dependencies (npm)
--- -= Per source details. Do not edit below this line.=-...
This Week in Spring - June 25th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this I'm in beautiful Amsterdam, having visited with customers and spoken at a local Java User Group. Now I'm off to lovely London, UK. Last week I was in Krakow, Poland, for the amazing Devoxx PL event, and in Par...
Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2024-037)
The version of ecs-service-connect-agent installed on the remote host is prior to v1.29.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-037 advisory. Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling...
Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2024-647)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-647 advisory. 2024-07-17: CVE-2024-30255 was added to this advisory. Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a serve...