21 matches found
CVE-2020-10590
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port 8800 on the Replicated Classic server could retrieve the TLS Keypair Cert and Key used to configure...
EUVD-2020-3041
Malware in sbrugna...
EUVD-2021-30011
Malicious code in bioql PyPI...
CVE-2021-43058
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site...
CVE-2021-42718
Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin...
CVE-2021-42718 Sensitive data unnecessarily returned from authenticated API
Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin...
CVE-2021-42718 Sensitive data unnecessarily returned from authenticated API
Information Disclosure in API in Replicated Replicated Classic versions prior to 2.53.1 on all platforms allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables through the Admin...
CVE-2021-42718
CVE-2021-42718 affects Replicated Classic versions prior to 2.53.1. An authenticated Admin Console API (port 8800) may exposed container definitions containing environment variables, potentially revealing application secrets. Impact is information disclosure for users with valid credentials and A...
PT-2025-1359 · Unknown · Replicated Classic
Name of the Vulnerable Software and Affected Versions: Replicated Classic versions prior to 2.53.1 Description: The issue allows authenticated users with Admin Console access to retrieve sensitive data, including application secrets, via accessing container definitions with environment variables...
CVE-2021-43058
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site...
CVE-2021-43058
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site...
Open redirect
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site...
CVE-2021-43058
CVE-2021-43058 is an open redirect in Replicated Classic before 2.53.1, where a crafted URL can spoof users by redirecting them to an untrusted site. Root cause: improper URL handling enabling redirects. Impact: spoofing via user interaction (clicking the malicious link) with partial confidential...
CVE-2021-43058
An open redirect vulnerability exists in Replicated Classic versions prior to 2.53.1 that could lead to spoofing. To exploit this vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link, redirecting the user to an untrusted site...
Replicated 输入验证错误漏洞
Replicated is a management software from Replicated, Inc. in the United States. It provides software vendors with a container-based platform for rapidly deploying cloud-native applications in customer environments to provide greater security and control. A security vulnerability exists in...
CVE-2020-10590
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port 8800 on the Replicated Classic server could retrieve the TLS Keypair Cert and Key used to configure...
CVE-2020-10590
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port 8800 on the Replicated Classic server could retrieve the TLS Keypair Cert and Key used to configure...
Design/Logic Flaw
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port 8800 on the Replicated Classic server could retrieve the TLS Keypair Cert and Key used to configure...
Replicated 信息泄露漏洞
Replicated is a management software from Replicated, Inc. in the United States. It provides software vendors with a container-based platform for rapidly deploying cloud-native applications in customer environments to provide greater security and control. A security vulnerability exists in...
CVE-2020-10590
CVE-2020-10590 affects Replicated Classic 2.x. The issue is an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (8800) on a Replicated Classic server could retrieve the TLS keypair (certif...