77 matches found
EUVD-2023-46606
Malicious code in bioql PyPI...
EUVD-2023-34295
Malicious code in bioql PyPI...
EUVD-2023-36561
Malicious code in bioql PyPI...
EUVD-2023-34296
Malicious code in bioql PyPI...
EUVD-2023-48742
Malicious code in bioql PyPI...
CVE-2023-32311
CloudExplorer Lite is an open source cloud management platform. In CloudExplorer Lite prior to version 1.1.0 users organization/workspace permissions are not properly checked. This allows users to add themselves to any organization. This vulnerability has been fixed in v1.1.0. Users are advised t...
CVE-2023-44397
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
CVE-2023-42147
An issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sensitive information via the login key component...
CVE-2023-3423
Weak Password Requirements in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v 1.2.0...
CVE-2023-32316
CloudExplorer Lite is an open source cloud management tool. In affected versions users can add themselves to any organization in CloudExplorer Lite. This is due to a missing permission check on the user profile. It is recommended to upgrade the version to v1.1.0. There are no known workarounds fo...
CVE-2023-2844
Authorization Bypass Through User-Controlled Key in GitHub repository cloudexplorer-dev/cloudexplorer-lite prior to v1.1.0...
CVE-2023-38692
CloudExplorer Lite is an open source, lightweight cloud management platform. Versions prior to 1.3.1 contain a command injection vulnerability in the installation function in module management. The vulnerability has been fixed in v1.3.1. There are no known workarounds aside from upgrading...
CVE-2023-44397
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
Design/Logic Flaw
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
CVE-2023-44397 CloudExplorer Lite permission bypass vulnerability
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
CVE-2023-44397
CloudExplorer Lite (prior to v1.4.1) contains a permission bypass in its gateway filter. The issue is caused by a controller handling paths that start with matching/API/, enabling bypass of access controls. The CVE-2023-44397 entry notes a fix in v1.4.1. CVSS data indicates a high impact (possibl...
CVE-2023-44397 CloudExplorer Lite permission bypass vulnerability
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
CVE-2023-44397 CloudExplorer Lite permission bypass vulnerability
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
PT-2023-29230 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: CloudExplorer Lite versions prior to 1.4.1 Description: The issue concerns a permission bypass in CloudExplorer Lite, an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter uses a controller with a...
CloudExplorer Lite License Issue Vulnerability
CloudExplorer Lite is CloudExplorer's platform that provides out-of-the-box basic functionality for cloud hosting management, cloud billing, operational analytics, and security compliance, as well as powerful extensibility to meet the customization needs of enterprises. An authorization issue...