6 matches found
EUVD-2023-50473
Malicious code in bioql PyPI...
CVE-2023-46237
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, an endpoint intended to offer limited enumeration abilities to authenticated users was accessible to unauthenticated users. This enabled unauthenticated users to discover files and their...
Server side request forgery (ssrf)
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, a server-side-request-forgery SSRF vulnerability allowed an unauthenticated user to trigger a GET request as the server to an arbitrary endpoint and URL scheme. This also allows remote...
CVE-2023-46237 FOG path traversal via unauthenticated endpoint
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, an endpoint intended to offer limited enumeration abilities to authenticated users was accessible to unauthenticated users. This enabled unauthenticated users to discover files and their...
CVE-2023-46237 FOG path traversal via unauthenticated endpoint
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, an endpoint intended to offer limited enumeration abilities to authenticated users was accessible to unauthenticated users. This enabled unauthenticated users to discover files and their...
CVE-2023-46236 FOG SSRF via unauthenticated endpoint(s)
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Prior to version 1.5.10, a server-side-request-forgery SSRF vulnerability allowed an unauthenticated user to trigger a GET request as the server to an arbitrary endpoint and URL scheme. This also allows remote...