MiracleLinux 7 : pki-core-10.5.18-12.el7 (AXSA:2021-1610:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1610:01 advisory. pki-core: Unprivileged users can renew any certificate CVE-2021-20179 pki-core: XSS in the certificate search results CVE-2020-25715 pki-core:...

Malicious code in getcookies (npm)

The package getcookies was found to contain malicious code...

MAL-2025-21368 Malicious code in getcookies (npm)

The package getcookies was found to contain malicious code...

pki-core: Reflected XSS in getcookies?url= endpoint in CA

A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute...

CVE-2019-10221 Pki-core: Reflected XSS In Getcookies?url= Endpoint In CA

pki-core is vulnerable to cross-site scripting. The vulnerability exists due to a missing sanitization of the GET URL parameters...

pki-core: Reflected XSS in getcookies?url= endpoint in CA

A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute...

pki-core: Reflected XSS in getcookies?url= endpoint in CA

A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute...

Malicious Package in getcookies

The getcookies module contained a backdoor that would allow for a remote attacker to execute arbitrary commands on the system running the malicious module. Recommendation This module should be uninstalled if found used within an application. In addition to removing the installed module, you will...

GHSA-3CJV-4PHW-GVVV Malicious Package in getcookies

The getcookies module contained a backdoor that would allow for a remote attacker to execute arbitrary commands on the system running the malicious module. Recommendation This module should be uninstalled if found used within an application. In addition to removing the installed module, you will...

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

Malicious Package

Overview The getcookies module contained a backdoor that would allow for a remote attacker to execute arbitrary commands on the system running the malicious module. Recommendation This module should be uninstalled if found used within an application. In addition to removing the installed module,...

Node.js third-party modules: Remote code executio in NPM package getcookies

NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report remote code...

Fedora 18 : php-pear-CAS-1.3.2-1.fc18 (2012-21084)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...

Fedora 16 : php-pear-CAS-1.3.2-1.fc16 (2012-21122)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...

Fedora 17 : php-pear-CAS-1.3.2-1.fc17 (2012-21106)

Changes in version 1.3.2 Security Fixes : - CVE-2012-5583 Missing CN validation of CAS server certificate 58 Joachim Fritschi Bug Fixes : - Fix broken character encoding in Greek and French 40 Joachim Fritschi - Minor error corrections in a few example files Joachim Fritschi - Remove erroneous...