Lucene search
+L

4 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-8224

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00406EPSS
Exploits1References2
OSV
OSV
added 2025/03/26 5:20 p.m.11 views

GHSA-RV78-QQRQ-73M5 Directus's S3 assets become unavailable after a burst of HEAD requests

Summary There's some tools that use Directus to sync content and assets. Some of those tools use HEAD method, like Shopify, to check the existence of files. Although, when making many HEAD requests at once, at some point, all assets are being served as 403. Details When I was investigating this...

5.3CVSS6.8AI score0.00406EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2025/03/26 5:20 p.m.18 views

Directus's S3 assets become unavailable after a burst of HEAD requests

Summary There's some tools that use Directus to sync content and assets. Some of those tools use HEAD method, like Shopify, to check the existence of files. Although, when making many HEAD requests at once, at some point, all assets are being served as 403. Details When I was investigating this...

5.3CVSS7AI score0.00406EPSS
Exploits1References3Affected Software2
OSV
OSV
added 2025/03/26 5:19 p.m.9 views

GHSA-J8XJ-7JFF-46MX Directus's S3 assets become unavailable after a burst of malformed transformations

Summary When making many malformed transformation requests at once, at some point, all assets are being served as 403. Details When I was investigating this issue, I have found that after a burst of malformed asset transformation requests, the amount of sockets held on Agent on NodeHttpHandler wa...

5.3CVSS6.8AI score0.00406EPSS
Exploits1References3
Rows per page
Query Builder