5 matches found
EUVD-2022-0509
Malicious code in bioql PyPI...
CVE-2022-21671
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
GHSA-7W54-GP8X-F33M Potential exposure of tokens to an Unauthorized Actor
Impact: When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are multiple failed attempts to contact Replit through a WebSocket, the library will attempt to communicate using a fallback poll-based proxy. The URL of the proxy has changed, so...
CVE-2022-21671 Potential exposure of Replit tokens to an Unauthorized Actor in @replit/crosis
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
PT-2022-15025 · Replit · @Replit/Crosis
Name of the Vulnerable Software and Affected Versions: @replit/crosis versions prior to 7.3.1
Description: A vulnerability exists that involves exposure of sensitive information. When using the library to communicate with Replit in a standalone fashion, if there are multiple failed attempts to...