8 matches found
EUVD-2024-1605
Malicious code in bioql PyPI...
CVE-2024-35185
Minder is a software supply chain security platform. Prior to version 0.0.49, the Minder REST ingester is vulnerable to a denial of service attack via an attacker-controlled REST endpoint that can crash the Minder server. The REST ingester allows users to interact with REST endpoints to fetch dat...
Denial Of Service (DoS)
github.com/stacklok/minder is vulnerable to a Denial of Service DoS. The vulnerability is due to missing request size limits by the REST ingester when processing responses from remote REST endpoints, which allows an attacker to execute a Denial of Service attack by controlling a remote REST...
Stacklok Minder vulnerable to denial of service from maliciously crafted templates
Minder engine is susceptible to a denial of service from memory exhaustion that can be triggered from maliciously created templates. Minder engine uses templating to generate strings for various use cases such as URLs, messages for pull requests, descriptions for advisories. In some cases can the...
GHSA-CRGC-2583-RW27 Stacklok Minder vulnerable to denial of service from maliciously crafted templates
Minder engine is susceptible to a denial of service from memory exhaustion that can be triggered from maliciously created templates. Minder engine uses templating to generate strings for various use cases such as URLs, messages for pull requests, descriptions for advisories. In some cases can the...
GHSA-FJW8-3GP8-4CVX Denial of service of Minder Server with attacker-controlled REST endpoint
The Minder REST ingester is vulnerable to a denial of service attack via an attacker-controlled REST endpoint that can crash the Minder server. The REST ingester allows users to interact with REST endpoints to fetch data for rule evaluation. When fetching data with the REST ingester, Minder sends...
CVE-2024-35185 Denial of service of Minder Server with attacker-controlled REST endpoint
Minder is a software supply chain security platform. Prior to version 0.0.49, the Minder REST ingester is vulnerable to a denial of service attack via an attacker-controlled REST endpoint that can crash the Minder server. The REST ingester allows users to interact with REST endpoints to fetch dat...
PT-2024-26366 · Minder · Minder
Name of the Vulnerable Software and Affected Versions: Minder versions prior to 0.0.49 Description: Minder is a software supply chain security platform. The Minder REST ingester is vulnerable to a denial of service attack via an attacker-controlled REST endpoint that can crash the Minder server...