MAL-2025-1255 Malicious code in pistache-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware afc6da3b2752e910cba989cf5bd54d4c73f98590922de6b324e747464058a024 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in pistache-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware afc6da3b2752e910cba989cf5bd54d4c73f98590922de6b324e747464058a024 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV-2024-832 UNKNOWN READ in Pistache::Http::Header::Expect::parseRaw

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69151 Crash type: UNKNOWN READ Crash state: Pistache::Http::Header::Expect::parseRaw Pistache::Http::Private::HeadersStep::apply Pistache::Http::Private::ParserBase::parse...

PT-2024-40856 · Pistache · Pistache

Name of the Vulnerable Software and Affected Versions: Pistache affected versions not specified Description: The issue is related to a crash caused by an unknown read in the Pistache::Http::Header::Expect::parseRaw function. This function is part of the Pistache HTTP library, which is used for...

PT-2024-40712 · Pistache · Pistache

Name of the Vulnerable Software and Affected Versions: Pistache affected versions not specified Description: The issue is related to a crash caused by a container-overflow read. Technical details about the crash include the involvement of the strtol function,...

CVE-2022-26068

This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server...

Code injection

This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server...

CVE-2022-26068 Path Traversal

This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server...

CVE-2022-26068

CVE-2022-26068 affects pistacheio/pistache prior to 0.0.3.20220425, enabling path traversal to fetch arbitrary files from the server. Affected component: Pistache (C++ HTTP/REST framework). Root cause: improper handling of directory paths allows traversal to restricted files. Impact: potential ex...

CVE-2022-26068

This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server...

pistache 路径遍历漏洞

pistache is a modern and elegant C++ HTTP and REST framework. A path traversal vulnerability exists in versions prior to pistacheio/pistache 0.0.3.20220425, which can be exploited by an attacker to obtain arbitrary files from the server...