CVE-2023-25392

Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...

EUVD-2023-1403

Malicious code in bioql PyPI...

Allegro Tech BigFlow vulnerable to Missing SSL Certificate Validation

Allegro Tech BigFlow prior to 1.6.0 is vulnerable to Missing SSL Certificate Validation...

GHSA-W6Q2-48CH-FJ26 Allegro Tech BigFlow vulnerable to Missing SSL Certificate Validation

Allegro Tech BigFlow prior to 1.6.0 is vulnerable to Missing SSL Certificate Validation...

CVE-2023-25392

Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...

CVE-2023-25392

Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...

Input validation

Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...

PT-2023-20043 · Allegro Tech · Allegro Tech Bigflow

Name of the Vulnerable Software and Affected Versions: Allegro Tech BigFlow versions prior to 1.6.0 Description: The issue is related to Missing SSL Certificate Validation. This means that the software may not properly verify the identity of the server it is connecting to, potentially allowing fo...

CVE-2023-25392

Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...

CVE-2023-25392

CVE-2023-25392 affects Allegro Tech BigFlow before 1.6.0. The issue is a lack of SSL certificate validation in BigFlow, enabling potential interception of traffic and exposure of confidential information (CVSS 3.1: Confidentiality High; Vector Network; Complexity High; Privileges None). Several c...

CVE-2023-25392

Allegro Tech BigFlow 1.6 is vulnerable to Missing SSL Certificate Validation...

Malicious Package

Overview allegro-tech-podcast is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...