4151 matches found
GO-2022-1031 Open redirect in github.com/labstack/echo/v4
Labstack Echo contains an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
Server-Side Request Forgery (SSRF)
github.com/labstack/echo is vulnerable to server side request forgery. The vulnerability exists due to a lack of sanitization of URL via the Static Handler component allowing an attacker to redirect a user to a malicious website...
LabStack Echo Open Redirect Vulnerability
LabStack echo is a high-performance, minimalist Go web framework open sourced by LabStack LLC. labStack Echo v4.8.0 version has an open redirection vulnerability that can be exploited by attackers to launch server-side request forgery attacks...
Labstack Echo Open Redirect vulnerability
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF. Version 4.9.0 contains a patch for the issue...
GHSA-CRXJ-HRMP-4RWF Labstack Echo Open Redirect vulnerability
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF. Version 4.9.0 contains a patch for the issue...
CVE-2022-40083
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
CVE-2022-40083
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
DEBIAN-CVE-2022-40083
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
CVE-2022-40083
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
Open redirect
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
CVE-2022-40083
Labstack Echo v4.8.0 contains an open redirect vulnerability via the Static Handler component that can be exploited to cause Server-Side Request Forgery (SSRF). Affected software: Labstack Echo 4.8.0. Root cause: open redirect in Static Handler allows redirection to arbitrary URLs, enabling SSRF....
CVE-2022-40083
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
CVE-2022-40083
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
CVE-2022-40083
Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...
LabStack LLC echo 输入验证错误漏洞
LabStack echo is a high-performance, minimalist Go web framework open sourced by LabStack LLC. labStack Echo v4.8.0 version has an open redirection vulnerability that can be exploited by attackers to launch server-side request forgery attacks...
PT-2022-7187 · Labstack +1 · Labstack Echo +1
Name of the Vulnerable Software and Affected Versions: Labstack Echo version 4.8.0 Description: The issue is related to an open redirect vulnerability via the Static Handler component, which can be leveraged by attackers to cause a Server-Side Request Forgery SSRF. This allows a remote attacker t...
YouTube transparency report shows battle against misinformation
Statistics for YouTube community guidelines enforcement are now available for the period April to June 2022, via Googles Transparency Report. YouTube channels are terminated if they accrue three community guideline strikes in 90 days, have a case of severe abuse predatory behaviour, for example, ...
Malicious code in postman-echo-nock (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54ca7d74162028127f3c663d15e3c766cc0f7729f646f4f70d55b0db30b8b253 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5430 Malicious code in postman-echo-nock (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54ca7d74162028127f3c663d15e3c766cc0f7729f646f4f70d55b0db30b8b253 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview postman-echo-nock is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...