10 matches found
EUVD-2024-1007
Malicious code in bioql PyPI...
express: cause malformed URLs to be evaluated
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a...
CBL Mariner 2.0 Security Update: reaper (CVE-2024-29041)
The version of reaper installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29041 advisory. - Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alp...
CVE-2024-29041
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an...
CVE-2024-29041
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an...
CVE-2024-29041
CVE-2024-29041 – Open Redirect in Express.js . Express.js versions prior to 4.19.0 and all pre-release 5.0 alpha/beta are affected by an open redirect via user-provided redirect URLs. The flaw stems from encodeurl usage in res.location()/res.redirect(), allowing bypass of allowlists in redirectio...
CVE-2024-29041 Express.js Open Redirect in malformed URLs
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an...
CVE-2024-29041
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an...
CVE-2024-29041 Express.js Open Redirect in malformed URLs
Express.js minimalist web framework for node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL Express performs an...
MAL-2023-5102 Malicious code in py-encodeurl (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 17ac06ec7dbafaf2169cd63c65faaf26651479728fc630bc27d860bb232e56a9 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...