Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added yesterday4 views

CVE-2026-59180

A flaw was found in Apprise, an open-source library for sending notifications. HTTP-based notification plugins and HTTP attachment and configuration loaders in Apprise, prior to version 1.11.0, automatically follow HTTP redirects. During these redirects, user-configured authentication headers and...

3.1CVSS6.1AI score
Exploits0References7
Snyk
Snyk
added 2026/06/03 8:24 a.m.9 views

Improper Output Neutralization for Logs

Overview morgan is a HTTP request logger middleware for node.js. Affected versions of this package are vulnerable to Improper Output Neutralization for Logs via the :remote-user token, which extracts the Basic auth username from the Authorization header and writes it to the log stream without...

6.9CVSS5.5AI score0.00246EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/17 6:44 p.m.1 views

Improper Validation of Specified Type of Input

Overview github.com/mattermost/mattermost-plugin-calls is a package for voice calling and screen sharing functionality in Mattermost channels. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input via the WebSocket request handling. An attacker can cau...

7.1CVSS6.8AI score0.0024EPSS
Exploits0References2
Snyk
Snyk
added 2025/12/17 12:44 p.m.1 views

Cross-site Request Forgery (CSRF)

Overview github.com/mattermost/mattermost-plugin-calls/server is a package that enables voice calling and screen sharing functionality in Mattermost channels Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the Calls widget page. An attacker can initiate cal...

5.3CVSS6.7AI score0.001EPSS
Exploits0References2
Snyk
Snyk
added 2025/07/14 5:55 p.m.4 views

Command Injection

Overview job-iteration is a package that makes your background jobs interruptible and resumable. Affected versions of this package are vulnerable to Command Injection via the CsvEnumerator class. An attacker can execute arbitrary system commands by supplying untrusted input to methods that proces...

9.8CVSS7.9AI score0.00706EPSS
Exploits0References2
Snyk
Snyk
added 2024/04/09 6:30 p.m.5 views

Information Exposure Through an Error Message

Overview Affected versions of this package are vulnerable to Information Exposure Through an Error Message due to improper handling of sensitive information. An attacker can gain access to sensitive information by exploiting this vulnerability. Remediation Upgrade Azure.Identity to version 1.11.0...

5.5CVSS6.7AI score0.00711EPSS
Exploits0References2
Rows per page
Query Builder