MAL-2026-3674 Malicious code in 66o (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3ba0e9f968d627812a2a4efbb8631d3400b6c19692c7668c8e511e2808aaa62 On require, index.js replaces the global console object with a Proxy index.js:36-73 that intercepts console.error/info/warn calls anywhere in the hos...

Malicious code in 66o (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3ba0e9f968d627812a2a4efbb8631d3400b6c19692c7668c8e511e2808aaa62 On require, index.js replaces the global console object with a Proxy index.js:36-73 that intercepts console.error/info/warn calls anywhere in the hos...

The vulnerability of the /api/dev-console/proxy/internet file on the Red Hat OpenShift Container Platform corporate platform allows a attacker to perform an SSRF attack.

The vulnerability of the /api/dev-console/proxy/internet file on the Red Hat OpenShift Container Platform corporate platform is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

SUSE CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

openstack-nova: novnc allows open redirection

A vulnerability was found in CPython which is used by openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

openstack-nova: novnc allows open redirection

A vulnerability was found in CPython which is used by openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

Open Redirect in CPython that affects users of OpenStack Nova

A vulnerability was found in CPython which is used by openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

DEBIAN-CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

Design/Logic Flaw

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

UBUNTU-CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

CVE-2021-3654

The CVE-2021-3654 issue affects openstack-nova’s console proxy, noVNC, where crafting a malicious URL can trigger an open redirect to an attacker-controlled site. This could enable users to be redirected to a malicious page, potentially exposing sensitive information or enabling further actions. ...

CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

CVE-2021-3654

A vulnerability was found in openstack-nova's console proxy, noVNC. By crafting a malicious URL, noVNC could be made to redirect to any desired URL...

openstack-nova: Nova VMware driver may connect VNC to another tenant's console

A race condition flaw was found in the way the nova VMware driver handled VNC port allocation. An authenticated user could use this flaw to gain unauthorized console access to instances belonging to other tenants by repeatedly spawning new instances. Note that only nova setups using the VMware...

Code injection

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform formerly Citrix CloudStack 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging knowledge of the source code...