MAL-2026-5783 Malicious code in vault-strategies (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b7037d9efc65a0885cc000a92c46ea9bed2097d02c8fb2883ceaa3eb2fd5eeb On npm install, the package's preinstall hook preinstall: node postinstall.js || true executes postinstall.js, which enumerates process.env and filte...

CVE-2022-2416

In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment...

Design/Logic Flaw

In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment...

CVE-2022-2416

In affected versions of Octopus Deploy it is possible for a low privileged guest user to craft a request that allows enumeration/recon of an environment...

PT-2023-12744 · Unknown · Octopus Deploy

Name of the Vulnerable Software and Affected Versions: Octopus Deploy affected versions not specified Description: The issue allows a low-privileged guest user to craft a request that enables enumeration or reconnaissance of an environment. Recommendations: At the moment, there is no information...

CVE-2023-33201

A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain...