EUVD-2022-7604

Malicious code in bioql PyPI...

CVE-2022-23536

A local file inclusion vulnerability exists in Cortex. This issue could allow a malicious actor to remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API...

CVE-2022-23536 Alertmanager can expose local files content via specially crafted config

Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted t...