30 matches found
MAL-2025-189857 Malicious code in telesto-redis-ophiuchus-radioastronomy (npm)
Source: amazon-inspector dd255c82666656e5ebb6489494556acba1451caf6565cb1bf4c48216738e7c58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179639
Malicious code in commitizen-radioastronomy-steganography-grunt npm...
EUVD-2025-178947
Malicious code in extremophile-slidev-radioastronomy-coronalmassejection npm...
Malicious code in protoplanetarydisk-quasarjet-radioastronomy-node-config (npm)
The package protoplanetarydisk-quasarjet-radioastronomy-node-config was found to contain malicious code...
[SECURITY] Fedora 40 Update: python-astropy-5.3.3-1.fc40
The Astropy project is a common effort to develop a single core package for Astronomy. Major packages such as PyFITS, PyWCS, vo, and asciitable already merged in, and many more components being worked on. In particular, we are developing imaging, photometric, and spectroscopic functionality, as...
[SECURITY] Fedora 39 Update: python-astropy-5.3.3-1.fc39
The Astropy project is a common effort to develop a single core package for Astronomy. Major packages such as PyFITS, PyWCS, vo, and asciitable already merged in, and many more components being worked on. In particular, we are developing imaging, photometric, and spectroscopic functionality, as...
CVE-2023-41334
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph().to_dot_graph function. A malicious user can provide a...
UBUNTU-CVE-2023-41334
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph().to_dot_graph function. A malicious user can provide a...
CVE-2023-41334 astropy vulnerable to RCE in TranformGraph().to_dot_graph function
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph().to_dot_graph function. A malicious user can provide a...
CVE-2023-41334
CVE-2023-41334 affects Astropy core package version 5.3.2, with remote code execution due to improper input validation in TranformGraph().to_dot_graph. A crafted savelayout value can be injected into subprocess.Popen, causing the malicious command to execute despite an error. The issue is fixed i...
Fedora: Security Advisory for nom-tam-fits (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: nom-tam-fits-1.15.2-22.fc40
FITS (Flexible Image Transport System) is the standard data format in astronomy used for the transport, analysis, and archival storage of scientific data sets. This library provides efficient I/O for FITS images and binary tables. All basic FITS formats and GZIP compressed files are supported...
Friday Squid Blogging: Squid Nebula
Pretty photograph. The Squid Nebula is shown in blue, indicating doubly ionized oxygen--which is when you ionize your oxygen once and then ionize it again just to make sure. In all seriousness, it likely indicates a low-mass star nearing the end of its life. As usual, you can also use this squid...
[SECURITY] Fedora 38 Update: siril-1.0.6-6.fc38
Siril is an image processing tool specially tailored for noise reduction and improving the signal/noise ratio of an image from multiple captures, as required in astronomy. Siril can align automatically or manually, stack and enhance pictures from various file formats, even images sequences movies...
Fedora: Security Advisory for siril (FEDORA-2023-a5e10b188a)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
astronomytoday.com Cross Site Scripting vulnerability OBB-2967514
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
marymcintyreastronomy.co.uk Improper Access Control vulnerability OBB-2228365
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...