204 matches found
AZL-71317 CVE-2024-6485 affecting package reaper for versions less than 3.1.1-22
A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting XSS attacks. The vulnerability is associated with the data-loading-text attribute within the button plugin. This vulnerability can be exploited by injecting malicious JavaScript code into the attribut...
CBL Mariner 2.0 Security Update: reaper (CVE-2024-4068)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4068 advisory. - The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which...
CBL Mariner 2.0 Security Update: reaper (CVE-2024-29041)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29041 advisory. - Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alp...
CBL Mariner 2.0 Security Update: reaper (CVE-2024-28849)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28849 advisory. - follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically...
CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1
CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1. This CVE either no longer is or was never applicable...
CVE-2024-4067 affecting package reaper for versions less than 3.1.1-9
CVE-2024-4067 affecting package reaper for versions less than 3.1.1-9. A patched version of the package is available...
CVE-2024-29041 affecting package reaper for versions less than 3.1.1-9
CVE-2024-29041 affecting package reaper for versions less than 3.1.1-9. An upgraded version of the package is available that resolves this issue...
CVE-2024-4068 affecting package reaper for versions less than 3.1.1-9
CVE-2024-4068 affecting package reaper for versions less than 3.1.1-9. An upgraded version of the package is available that resolves this issue...
CVE-2024-28849 affecting package reaper for versions less than 3.1.1-9
CVE-2024-28849 affecting package reaper for versions less than 3.1.1-9. An upgraded version of the package is available that resolves this issue...
CVE-2023-46234 affecting package reaper for versions less than 3.1.1-9
CVE-2023-46234 affecting package reaper for versions less than 3.1.1-9. An upgraded version of the package is available that resolves this issue...
CVE-2022-26592 affecting package reaper for versions less than 3.1.1-9
CVE-2022-26592 affecting package reaper for versions less than 3.1.1-9. A patched version of the package is available...
CVE-2020-24025 affecting package reaper for versions less than 3.1.1-9
CVE-2020-24025 affecting package reaper for versions less than 3.1.1-9. A patched version of the package is available...
Reaper - Proof Of Concept On BYOVD Attack
Reaper is a proof-of-concept designed to exploit BYOVD Bring Your Own Vulnerable Driver driver vulnerability. This malicious technique involves inserting a legitimate, vulnerable driver into a target system, which allows attackers to exploit the driver to perform malicious actions. Reaper was...
AZL-42034 CVE-2024-4068 affecting package reaper for versions less than 3.1.1-9
The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In lib/parse.js, if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating...
AZL-37136 CVE-2024-28863 affecting package reaper for versions less than 3.1.1-17
node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js client within few...
GHSA-XJP4-HW94-MVP5 vulnerabilities
Vulnerabilities for packages: cassandra-reaper, trino, hadoop-client-modules, celeborn, druid, tez...
GHSA-9W38-P64V-XPMV vulnerabilities
Vulnerabilities for packages: cassandra-reaper, trino, hadoop-client-modules, celeborn, druid, tez...
CVE-2024-29131 vulnerabilities
Vulnerabilities for packages: cassandra-reaper, trino, hadoop-client-modules, celeborn, druid, tez...
CVE-2024-29133 vulnerabilities
Vulnerabilities for packages: cassandra-reaper, trino, hadoop-client-modules, celeborn, druid, tez...
CVE-2018-11694 affecting package reaper for versions less than 3.1.1-7
CVE-2018-11694 affecting package reaper for versions less than 3.1.1-7. A patched version of the package is available...