MAL-2025-36836 Malicious code in thread-await-function-runtime-balance (npm)

The package thread-await-function-runtime-balance was found to contain malicious code...

Malicious code in thread-await-function-runtime-balance (npm)

The package thread-await-function-runtime-balance was found to contain malicious code...

Slow String Operations via MultiPart Requests in Event-Driven Functions

Impacted Resources bref/src/Event/Http/Psr7Bridge.php:94-125 multipart-parser/src/StreamedPart.php:383-418 Description When Bref is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface, then the Lambda event is converted to a PSR7 object. During the conversion...

Denial Of Service (DoS)

Bref is vulnerable to Denial Of Service DoS. The vulnerability is due to improper clean up of temporary files after processing a MultiPart requests when the Event-Driven Function runtime is utilized and the handler is a RequestHandlerInterface. This allows an attacker to fill the Lambda instance...

Bref's Uploaded Files Not Deleted in Event-Driven Functions

Impacted Resources bref/src/Event/Http/Psr7Bridge.php:94-125 Description When Bref is used with the Event-Driven Function runtime and the handler is a RequestHandlerInterface, then the Lambda event is converted to a PSR7 object. During the conversion process, if the request is a MultiPart, each...

MCPWS Personal WebServer <= 1.3.21 Denial of Service Exploit

No description provided by source. !/usr/bin/perl MCPWS Personal - Webserver = 1.3.21 DoS Exploit Vendor: http://www.mcpsoftware.de The coder used a unsecure VB-function Open to open requested files and didn't include a working error handling On Error Goto etc. It's possible to exploit this...