EUVD-2024-50125

Malicious code in bioql PyPI...

CVE-2024-9802

The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The...

CVE-2024-9802

The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The...

CVE-2024-9802

The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The...

CVE-2024-9802 Conformance validation endpoint discloses detail about service to unauthenticated users

The conformance validation endpoint is public so everybody can verify the conformance of onboarded services. The response could contain specific information about the service, including available endpoints, and swagger. It could advise about the running version of a service to an attacker. The...

CVE-2024-9802

The CVE-2024-9802 entry concerns the Zowe API Mediation Layer’s conformance validation endpoint, which is publicly accessible. Public responses may reveal service details (endpoints, swagger) and potentially indicate the running version and whether a service is active. This information exposure i...