Lucene search
+L

4 matches found

vulnersOsv
vulnersOsv
added 2023/06/15 7:5 p.m.8 views

@activepieces/piece-amazon-s3 (=0.0.2), @adobe/helix-admin-support (>=2.1.22 <=2.1.23) +471 more potentially affected by unknown CVE via fast-xml-parser (=4.2.4)

fast-xml-parser NPM version =4.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on fast-xml-parser and may be impacted: - @activepieces/piece-amazon-s3 =0.0.2 - @adobe/helix-admin-support =2.1.22, =9.0.39, =2.1.1, =2.1.15, =1.11.158, =1.0.4-0, =1.2.39-...

5.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/09 10:49 a.m.20 views

A scanning tool for open-sourced software packages? Yes, please!

The Open Source Security Foundation OpenSSF, a collective of industry leaders aimed at improving the security of open-source software OSS, recently announced the release of a prototype tool that scans for malicious packages in open source repositories. This tool, conveniently called Package...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/02 4:50 a.m.35 views

Here's a New Tool That Scans Open-Source Repositories for Malicious Packages

The Open Source Security Foundation OpenSSF has announced the initial prototype release of a new tool that's capable of carrying out dynamic analysis of all packages uploaded to popular open source repositories. Called the Package Analysis project, the initiative aims to secure open-source packag...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2014/06/12 2:51 p.m.14 views

Google Play App Permissions Privacy, Security Concerns

Google’s revamped app permissions for Google Play are not being well received by Android users. Reddit threads are rife with adjectives such as “stupid” and “dangerous,” primarily because Google’s attempt to simplify permissions granted to automatically updated applications may in fact expose use...

7.1AI score
Exploits0References3
Rows per page
Query Builder