Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2025/11/25 2:20 p.m.7 views

@appium/base-driver (>=10.0.0 <=10.1.1), @breautek/storm (>=9.0.0 <=9.2.4) +74 more potentially affected by CVE-2025-13466 via body-parser (=2.2.0)

body-parser NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on body-parser and may be impacted: - @appium/base-driver =10.0.0, =9.0.0, =3.8.8, =1.114.0, =11.8.0, =3.4.0, =11.0.19, =0.1.0, =4.0.1, =1.0.0-beta.2, =0.0.1-beta.0,...

6.9CVSS5.7AI score0.0035EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/10/28 12:30 a.m.9 views

@herodevs/cli (>=1.0.0-beta.2 <=2.0.0-beta.4), @socketsecurity/cli (>=0.10.0 <=0.11.1) +1 more potentially affected by CVE-2024-50611 via @cyclonedx/cdxgen (>=10.11.0 <=11.11.0)

@cyclonedx/cdxgen NPM version =10.11.0, =1.0.0-beta.2, =0.10.0, =0.1.0, =0.2.2 Source cves: CVE-2024-50611 Source advisory: OSV:GHSA-HXF3-VGPM-FV9P...

7.2CVSS5.7AI score0.00831EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2024/10/28 12:30 a.m.20 views

CycloneDX cdxgen may execute code contained within build-related files

CycloneDX cdxgen prior to 11.1.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

7.2CVSS7.9AI score0.00831EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2024/10/28 12:30 a.m.17 views

GHSA-HXF3-VGPM-FV9P CycloneDX cdxgen may execute code contained within build-related files

CycloneDX cdxgen prior to 11.1.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

7.1CVSS7.9AI score0.00831EPSS
Exploits0References7
NVD
NVD
added 2024/10/27 10:15 p.m.19 views

CVE-2024-50611

CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

7.2CVSS0.00831EPSS
Exploits0References3
OSV
OSV
added 2024/10/27 12:0 a.m.13 views

CVE-2024-50611

CycloneDX cdxgen through 10.10.7, when run against an untrusted codebase, may execute code contained within build-related files such as build.gradle.kts, a similar issue to CVE-2022-24441. cdxgen is used by, for example, OWASP dep-scan. NOTE: this has been characterized as a design limitation,...

7.2CVSS8.9AI score0.00831EPSS
Exploits0References5
Rows per page
Query Builder