226 matches found
event-driven-ansible: Sensitive Internal Headers Disclosure in AAP EDA Event Streams
A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible EDA Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructure headers such as X-Trusted-Proxy and X-Envoy- and event stream URLs via crafted requests and job...
EUVD-2012-3391
Malware in sbrugna...
EUVD-2024-0944
Malicious code in bioql PyPI...
EUVD-2025-20317
Malicious code in bioql PyPI...
EUVD-2022-7622
Malicious code in bioql PyPI...
EUVD-2024-50448
Malicious code in bioql PyPI...
EUVD-2022-7648
Malicious code in bioql PyPI...
EUVD-2025-8615
Malicious code in bioql PyPI...
NestJs-Microservices-POC
NestJS Microservices Proof of Concept A comprehensive demonst...
Whispering Agents: an Event-Driven Covert Communication Protocol for the Internet of Agents
The emergence of the Internet of Agents IoA introduces critical challenges for communication privacy in sensitive, high-stakes domains. While standard Agent-to-Agent A2A protocols secure message content, they are not designed to protect the act of communication itself, leaving agents vulnerable t...
Scaling Spin Apps With KEDA
Scale Spin apps on Kubernetes using SpinKube and KEDA for event-driven autoscaling based on Amazon SQS queue metrics...
CVE-2025-53543 Kestra allows Stored XSS before 0.22
Kestra is an event-driven orchestration platform. The error message in execution "Overview" tab is vulnerable to stored XSS due to improper handling of HTTP response received. This vulnerability is fixed in 0.22.0...
CVE-2025-53543
CVE-2025-53543 : Kestra (event-driven orchestration platform) is vulnerable to a stored XSS in the error message shown on the execution “Overview” tab due to improper handling of HTTP responses. This issue is addressed in Kestra 0.22.0 and later. Remediation: upgrade to 0.22.0+ (or apply vendor-p...
CVE-2025-49520 Event-driven-ansible: authenticated argument injection in git url in eda project creation
A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are passed unsanitized to the git ls-remote command. This vulnerability allows an authenticated attacker to inject arguments and execute arbitrary commands on the EDA worker. In Kubernetes/OpenShift...
Important: Red Hat Security Advisory: nodejs22 security update
An update for nodejs22 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
[SECURITY] Fedora 41 Update: nodejs20-20.19.2-1.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 41 Update: nodejs22-22.15.1-1.fc41
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
[SECURITY] Fedora 42 Update: nodejs22-22.15.1-1.fc42
Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...
Accountable, Scalable and DoS-Resilient Secure Vehicular Communication
Paramount to vehicle safety, broadcasted Cooperative Awareness Messages CAMs and Decentralized Environmental Notification Messages DENMs are pseudonymously authenticated for security and privacy protection, with each node needing to have all incoming messages validated within an expiration...
CVE-2024-29186
Bref is an open-source project that helps users go serverless on Amazon Web Services with PHP. When Bref prior to version 2.1.17 is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface, then the Lambda event is converted to a PSR7 object. During the conversion...