4 matches found
EUVD-2023-2184
Malicious code in bioql PyPI...
ScanCode Cross-Site Scripting Vulnerability
ScanCode is an open source tool for analyzing and scanning source code for open source license information and potential intellectual property issues. A cross-site scripting vulnerability exists in ScanCode.io 32.5.1 and earlier versions, which stems from a reflected cross-site scripting (XSS)...
CVE-2023-39523 ScanCode.io command injection in docker image fetch process
ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process, as it allows malicious commands to be appended in the `docker_reference` parameter. In the...
CVE-2023-39523 ScanCode.io command injection in docker image fetch process
ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process, as it allows malicious commands to be appended in the `docker_reference` parameter. In the...