12 matches found
EUVD-2022-38827
Malicious code in bioql PyPI...
Malicious code in growthbook-cli (npm)
The package growthbook-cli was found to contain malicious code...
MAL-2025-21989 Malicious code in growthbook-cli (npm)
The package growthbook-cli was found to contain malicious code...
MAL-2025-1246 Malicious code in growthbook-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c737e188f198e2f774debc152e35106477be618741ecc8afc62df2b72b9d0323 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in growthbook-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c737e188f198e2f774debc152e35106477be618741ecc8afc62df2b72b9d0323 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-36065
GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...
Design/Logic Flaw
GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...
CVE-2022-36065
GrowthBook (self-hosted) prior to 2022-08-29 is affected by an account creation and arbitrary file-upload vulnerability that can lead to remote code execution if a Python script is uploaded to an arbitrary directory inside the container. Exploitation requires all of: self-hosted deployment (Growt...
CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations
GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...
CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations
GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...
CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations
GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...
GrowthBook 路径遍历漏洞
GrowthBook is an open source feature markup and A/B testing platform from GrowthBook Open Source. A path traversal vulnerability exists in versions of GrowthBook prior to 2022-08-29, which stems from some self-hosted configurations, and can be exploited by an attacker to register a new account an...