Lucene search
K

96 matches found

osv
osv
added 2025/08/14 6:52 p.m.2 views

MAL-2025-8037 Malicious code in @hishprorg/maxime-voluptatum-fugit (npm)

The package @hishprorg/maxime-voluptatum-fugit was found to contain malicious code...

7.2AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.3 views

MAL-2025-7273 Malicious code in @crabas0npm/eaque-temporibus-fugit (npm)

The package @crabas0npm/eaque-temporibus-fugit was found to contain malicious code...

7.2AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.3 views

Malicious code in @taktikangea/cupiditate-et-fugit-tempore (npm)

The package @taktikangea/cupiditate-et-fugit-tempore was found to contain malicious code...

7AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.3 views

Malicious code in @kollusietea/unde-eaque-incidunt-fugit (npm)

The package @kollusietea/unde-eaque-incidunt-fugit was found to contain malicious code...

7AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.5 views

Malicious code in @kollusietea/amet-voluptatum-fugit (npm)

The package @kollusietea/amet-voluptatum-fugit was found to contain malicious code...

7AI score
Exploits0
ossf
ossf
added 2025/08/14 6:52 p.m.4 views

Malicious code in @landmineaknpm2/mollitia-eius-fugit (npm)

The package @landmineaknpm2/mollitia-eius-fugit was found to contain malicious code...

7AI score
Exploits0
osv
osv
added 2025/08/14 6:52 p.m.2 views

MAL-2025-7618 Malicious code in @crabas0npm/voluptates-possimus-laudantium-fugit (npm)

The package @crabas0npm/voluptates-possimus-laudantium-fugit was found to contain malicious code...

7.2AI score
Exploits0
ibm
ibm
added 2024/09/17 8:55 a.m.22 views

Security Bulletin: A vulnerability in fugit gem affects IBM License Metric Tool (CVE-2024-43380).

Summary There is a vulnerability in one of the Ruby gems used by IBM License Metric Tool. Vulnerability Details CVEID:CVE-2024-43380 DESCRIPTION: floraison fugit is vulnerable to a denial of service, caused by improper input validation by the natural parser. By sending a specially crafted request...

7.5CVSS7.5AI score0.00792EPSS
Exploits0Affected Software1
ossf
ossf
added 2024/09/02 1:42 a.m.3 views

Malicious code in @diotoborg/fugit-at-porro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ac933d3ed1d76d5740ba20be148c9ec571641bebecb3314ccec5e0ba9c764be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
osv
osv
added 2024/09/02 1:42 a.m.5 views

MAL-2024-8487 Malicious code in @diotoborg/occaecati-fugit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 259ab17bc731292dc9d36fac22a2e52418e13c2f5f0d5938096924a322c66654 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
ossf
ossf
added 2024/09/02 1:42 a.m.4 views

Malicious code in @diotoborg/occaecati-fugit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 259ab17bc731292dc9d36fac22a2e52418e13c2f5f0d5938096924a322c66654 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
ossf
ossf
added 2024/09/02 1:42 a.m.4 views

Malicious code in @diotoborg/aliquid-fugit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0fb6897b85e41baef00d6f79a5f9cadd887790e1754c85d3e31c8a3b46c4f1ae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
veracode
veracode
added 2024/08/20 6:58 a.m.13 views

Denial Of Service (DoS)

Fugit is vulnerable to Denial Of Service DoS. The vulnerability is due to the parser’s lack of input length validation, which allows it to accept and endlessly process input without timely completion...

7.5CVSS6.7AI score0.00792EPSS
Exploits0References4Affected Software1
redhatcve
redhatcve
added 2024/08/19 9:39 p.m.16 views

CVE-2024-43380

A flaw was found in fugit's parser. Due to a lack of user input validation, the natural parser may accept any length of input and will attempt to parse it. The parse can create a thread which will never return, causing high CPU usage, which may lead to a Denial of Service...

3.3CVSS7.2AI score0.00792EPSS
Exploits0References6
osv
osv
added 2024/08/19 5:29 p.m.12 views

GHSA-2M96-52R3-2F3G fugit parse and parse_nat stall on lengthy input

Impact The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check user input leng...

5.3CVSS5.3AI score0.00792EPSS
Exploits0References6
github
github
added 2024/08/19 5:29 p.m.18 views

fugit parse and parse_nat stall on lengthy input

Impact The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sight. Fugit dependents that do not check user input leng...

7.5CVSS6.8AI score0.00792EPSS
Exploits0References6Affected Software1
snyk
snyk
added 2024/08/19 3:42 p.m.4 views

Uncontrolled Resource Consumption ('Resource Exhaustion')

Overview Affected versions of this package are vulnerable to Uncontrolled Resource Consumption 'Resource Exhaustion' due to the parse and parsenat functions. An attacker can cause a denial of service by sending specially crafted inputs that are excessively long. Workaround Ensure that Fugit.parse...

7.5CVSS6.8AI score0.00792EPSS
Exploits0References2
osv
osv
added 2024/08/19 3:15 p.m.1 views

DEBIAN-CVE-2024-43380

fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sigh...

7.5CVSS4.6AI score0.00792EPSS
Exploits0References1
nvd
nvd
added 2024/08/19 3:15 p.m.12 views

CVE-2024-43380

fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sigh...

7.5CVSS0.00792EPSS
Exploits0References3
osv
osv
added 2024/08/19 3:15 p.m.4 views

UBUNTU-CVE-2024-43380

fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sigh...

7.5CVSS7.1AI score0.00792EPSS
Exploits0References10
Rows per page
Query Builder