EUVD-2023-0885

Malicious code in bioql PyPI...

Design/Logic Flaw

The crewjam/saml go library contains a partial implementation of the SAML standard in golang. Prior to version 0.4.13, the package's use of flate.NewReader does not limit the size of the input. The user can pass more than 1 MB of data in the HTTP request to the processing functions, which will be...

Crewjam Saml 安全漏洞

Crewjam Saml is a Go-based implementation of a codebase that interacts with Saml format files by the individual developers of Crewjam. A security vulnerability exists in Crewjam Saml versions prior to 0.4.13, which stems from not limiting the size of input to flate.NewReader...

Malicious code in solc-0.4.13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f485d837345066f125adf36dca7c1ffbcf5f55072852cca5cc1383e1d61b4061 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

nginx dos exploit

No description provided by source. debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very powerful and efficient debian: ps xauwww|grep...

nginx 0.7.0-0.7.61 0.6.0-0.6.38 0.5.0-0.5.37 0.4.0-0.4.14 PoC

No description provided by source. debian: uname -a Linux debian 2.6.18-6-686 1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux debian: cat /etc/issue Debian GNU/Linux 4.0 \n \l debian: dpkg -l|grep nginx ii nginx 0.4.13-2+etch2 small, but very powerful and efficient debian: ps xauwww|grep...