6 matches found
EUVD-2024-1217
Malicious code in bioql PyPI...
CVE-2024-31995
@digitalbazaar/zcap provides JavaScript reference implementation for Authorization Capabilities. Prior to version 9.0.1, when invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the expires property is not properly checked against the current da...
CVE-2024-31995
@digitalbazaar/zcap provides JavaScript reference implementation for Authorization Capabilities. Prior to version 9.0.1, when invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the expires property is not properly checked against the current da...
CVE-2024-31995 zcap has incomplete expiration checks in capability chains.
@digitalbazaar/zcap provides JavaScript reference implementation for Authorization Capabilities. Prior to version 9.0.1, when invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the expires property is not properly checked against the current da...
CVE-2024-31995
The CVE-2024-31995 issue affects the JavaScript library @digitalbazaar/zcap, where, prior to version 9.0.1, capability invocations delegated directly from the root (chain depth 2) do not properly check the expires date against the current time or other date parameters. This incomplete expiration ...
CVE-2024-31995 zcap has incomplete expiration checks in capability chains.
@digitalbazaar/zcap provides JavaScript reference implementation for Authorization Capabilities. Prior to version 9.0.1, when invoking a capability with a chain depth of 2, i.e., it is delegated directly from the root capability, the expires property is not properly checked against the current da...