392 matches found
CVE-2025-61584
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584
serverless-dns (versions up to 0.1.30) contains a vulnerability in the pr.yml GitHub Action where unsafe input (github.event.pull_request.head.repo.clone_url and github.head_ref) is interpolated into a command executed by the runner. Because the action uses the pull_request_target trigger, it run...
CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
PT-2025-39926
Name of the Vulnerable Software and Affected Versions serverless-dns versions through 0.1.30 Description serverless-dns is a RethinkDNS resolver that deploys to various platforms including Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. A flaw exists where the pr.yml GitHub Action interpolat...
serverless-dns 命令注入漏洞
serverless-dns is a DNS resolver from serverless-dns open source. A command injection vulnerability exists in serverless-dns version 0.1.30 and earlier, which stems from the pr.yml GitHub Action inserting untrusted input in an insecure manner, which could lead to the execution of attacker code...
MAL-2025-41962 Malicious code in custom-serverless-plugin (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in custom-serverless-plugin (npm)
The package communicates with a domain associated with malicious activity...
A Comprehensive Review of Denial of Wallet Attacks in Serverless Architectures
The Denial of Wallet DoW attack poses a unique and growing threat to serverless architectures that rely on Function-as-a-Service FaaS models, exploiting the cost structure of pay-as-you-go billing to financially burden application owners. Unlike traditional Denial of Service DoS attacks, which ai...
Malicious code in coralogix-azure-serverless (npm)
The package coralogix-azure-serverless was found to contain malicious code...
Malicious code in serverless-plugin-rds-trigger (npm)
The package serverless-plugin-rds-trigger was found to contain malicious code...
Malicious code in cb-serverless-plugins (npm)
The package cb-serverless-plugins was found to contain malicious code...
Malicious code in serverless-slack-app (npm)
The package serverless-slack-app was found to contain malicious code...
MAL-2025-33009 Malicious code in serverless-slack-app (npm)
The package serverless-slack-app was found to contain malicious code...
Malicious code in serverless-router (npm)
The package serverless-router was found to contain malicious code...
MAL-2025-16675 Malicious code in cb-serverless-plugins (npm)
The package cb-serverless-plugins was found to contain malicious code...
MAL-2025-33008 Malicious code in serverless-router (npm)
The package serverless-router was found to contain malicious code...
MAL-2025-17559 Malicious code in coralogix-azure-serverless (npm)
The package coralogix-azure-serverless was found to contain malicious code...