Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1807

Malicious code in bioql PyPI...

5.4CVSS5.1AI score0.00417EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/04 9:24 p.m.8 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to Cross-site Scripting in Vault (CVE-2023-2121)

Summary Vault is used by IBM Storage Fusion Data Foundation in mcg, ocs, odr, cephcsi, multicluster, and odr operators as part of credential management. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-2121. Vulnerability...

5.4CVSS6.1AI score0.00417EPSS
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2023/06/09 6:30 p.m.24 views

Hashicorp Vault vulnerable to Cross-site Scripting

Vault and Vault Enterprise's Vault key-value v2 kv-v2 diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11...

5.4CVSS7.1AI score0.00417EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/06/09 6:30 p.m.17 views

GHSA-GQ98-53RQ-QR5H Hashicorp Vault vulnerable to Cross-site Scripting

Vault and Vault Enterprise's Vault key-value v2 kv-v2 diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11...

4.3CVSS5.1AI score0.00417EPSS
Exploits0References3
Wolfi
Wolfi
added 2023/06/09 5:15 p.m.11 views

CVE-2023-2121 vulnerabilities

Vulnerabilities for packages: k3d...

5.4CVSS7.5AI score0.00417EPSS
Exploits0
Chainguard
Chainguard
added 2023/06/09 5:15 p.m.37 views

CVE-2023-2121 vulnerabilities

Vulnerabilities for packages: k3d...

5.4CVSS7.3AI score0.00417EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/06/09 5:15 p.m.24 views

CVE-2023-2121

Vault and Vault Enterprise's Vault key-value v2 kv-v2 diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11...

5.4CVSS7.2AI score0.00417EPSS
Exploits0
Prion
Prion
added 2023/06/09 5:15 p.m.24 views

Input validation

Vault and Vault Enterprise's Vault key-value v2 kv-v2 diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11...

4.9CVSS5.8AI score0.00417EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/06/09 4:59 p.m.34 views

CVE-2023-2121 Vault’s KV Diff Viewer Allowed for HTML Injection

Vault and Vault Enterprise's Vault key-value v2 kv-v2 diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11...

4.3CVSS5.7AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2023/06/09 4:59 p.m.363 views

CVE-2023-2121

The CVE-2023-2121 issue affects HashiCorp Vault and Vault Enterprise, stemming from the key-value v2 (kv-v2) diff viewer and improper input handling that allowed HTML injection in the Vault web UI. The vulnerability could enable cross-site scripting through user-supplied values rendered by the di...

5.4CVSS5.2AI score0.00417EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/09 4:59 p.m.11 views

CVE-2023-2121 Vault’s KV Diff Viewer Allowed for HTML Injection

Vault and Vault Enterprise's Vault key-value v2 kv-v2 diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11...

4.3CVSS6.7AI score0.00417EPSS
Exploits0References1
HashiCorp Security Advisories
HashiCorp Security Advisories
added 2023/06/09 4:52 p.m.6 views

Vault’s KV Diff Viewer Allowed HTML Injection

Summary Vault and Vault Enterprise’s Vault key-value v2 kv-v2 diff viewer allowed HTML injection into the Vault web UI through key values. This vulnerability, CVE-2023-2121, is fixed in Vault 1.14.0, 1.13.3, 1.12.7, and 1.11.11. Background Vault 1.10.0 introduced the ability to easily review the...

5.4CVSS6.2AI score0.00417EPSS
Exploits0Affected Software2
Rows per page
Query Builder