EUVD-2023-2869

Malicious code in bioql PyPI...

The vulnerability of the google-translate-api-browser package in the NPM package manager, due to insufficient validation of incoming requests, allows a attacker to perform an SSRF attack.

The vulnerability of the google-translate-api-browser package in the NPM package manager is related to insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor to perform an SSRF attack remotely...

@rigorous/google-translate (=1.0.13), breadbutter-js (=4.6.0) +2 more potentially affected by CVE-2023-48711 via google-translate-api-browser (>=1.1.521 <=3.0.1)

google-translate-api-browser NPM version =1.1.521, =1.6.0, =0.1.2, =0.1.5 Source cves: CVE-2023-48711 Source advisory: OSV:GHSA-4233-7Q5Q-M7P6...

GHSA-4233-7Q5Q-M7P6 google-translate-api-browser Server-Side Request Forgery (SSRF) Vulnerability

Summary A Server-Side Request Forgery SSRF Vulnerability is present in applications utilizing the google-translate-api-browser package and exposing the translateOptions to the end user. An attacker can set a malicious tld, causing the application to return unsafe URLs pointing towards local...

google-translate-api-browser Server-Side Request Forgery (SSRF) Vulnerability

Summary A Server-Side Request Forgery SSRF Vulnerability is present in applications utilizing the google-translate-api-browser package and exposing the translateOptions to the end user. An attacker can set a malicious tld, causing the application to return unsafe URLs pointing towards local...

Server Side Request Forgery

google-translate-api-browser is vulnerable to Server Side Request Forgery. The vulnerability is due to improper sanitization of the translateOptions.tld field in the Google translate URL. If an application utilizing the package exposes the translateOptions to the end user, an attacker can set a...

Server side request forgery (ssrf)

google-translate-api-browser is an npm package which interfaces with the google translate web api. A Server-Side Request Forgery SSRF Vulnerability is present in applications utilizing the google-translate-api-browser package and exposing the translateOptions to the end user. An attacker can set ...

CVE-2023-48711 Server-Side Request Forgery (SSRF) Vulnerability in google-translate-api-browser

google-translate-api-browser is an npm package which interfaces with the google translate web api. A Server-Side Request Forgery SSRF Vulnerability is present in applications utilizing the google-translate-api-browser package and exposing the translateOptions to the end user. An attacker can set ...

CVE-2023-48711

CVE-2023-48711 corresponds to a Server-Side Request Forgery (SSRF) in google-translate-api-browser. The vulnerability arises when applications expose translateOptions to end users; the translateOptions.tld field is not properly sanitized before embedding in the Google Translate URL, enabling an a...

CVE-2023-48711 Server-Side Request Forgery (SSRF) Vulnerability in google-translate-api-browser

google-translate-api-browser is an npm package which interfaces with the google translate web api. A Server-Side Request Forgery SSRF Vulnerability is present in applications utilizing the google-translate-api-browser package and exposing the translateOptions to the end user. An attacker can set ...

google-translate-api-browser Code Issue Vulnerability

google-translate-api-browser is the free and unlimited Google Translate API. A code issue vulnerability exists in versions of google-translate-api-browser prior to 4.1.0, which stems from the translateOptions.tld field not being properly cleaned before being placed in a Google Translate URL. An...

CVE-2023-48711

creationtimestamp| type| source ---|---|--- 2023-11-23 16:37:57+00:00| published-proof-of-concept| https://github.com/cjvnjde/google-translate-api-browser/security/advisories/GHSA-4233-7q5q-m7p6...