79 matches found
EUVD-2019-0063
Malware in sbrugna...
EUVD-2008-1628
Malware in sbrugna...
EUVD-2019-0064
Malware in sbrugna...
EUVD-2019-0061
Malware in sbrugna...
EUVD-2019-0062
Malware in sbrugna...
EUVD-2021-0102
Malware in sbrugna...
Malicious code in invenio (npm)
The package invenio was found to contain malicious code...
MAL-2025-23294 Malicious code in invenio (npm)
The package invenio was found to contain malicious code...
CVE-2021-43781
Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...
CVE-2019-1020005
invenio-communities before 1.0.0a20 allows XSS...
CVE-2019-1020006
invenio-app before 1.1.1 allows host header injection...
CVE-2019-1020003
invenio-records before 1.2.2 allows XSS...
CVE-2019-1020019
invenio-previewer before 1.0.0a12 allows XSS...
GHSA-HJX6-F647-MVF9 Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components
Impact We have identified a Cross-Site Scripting XSS vulnerability within certain React components related to community members in the Invenio-Communities module. This vulnerability enables a user to inject a script tag into the Affiliations field during the account registration process. The...
Invenio-Communities has a Cross-Site Scripting (XSS) vulnerability in React components
Impact We have identified a Cross-Site Scripting XSS vulnerability within certain React components related to community members in the Invenio-Communities module. This vulnerability enables a user to inject a script tag into the Affiliations field during the account registration process. The...
GHSA-XR38-W74Q-R8JV Permissions not properly checked in Invenio-Drafts-Resources
Impact Invenio-Drafts-Resources does not properly check permissions when a record is published. The vulnerability is exploitable in a default installation of InvenioRDM. An authenticated user is able via REST API calls to publish draft records of other users if they know the record identifier and...
Permissions not properly checked in Invenio-Drafts-Resources
Impact Invenio-Drafts-Resources does not properly check permissions when a record is published. The vulnerability is exploitable in a default installation of InvenioRDM. An authenticated user is able via REST API calls to publish draft records of other users if they know the record identifier and...
CVE-2021-43781
Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...
CVE-2021-43781
Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...
PYSEC-2021-837
Invenio-Drafts-Resources is a submission/deposit module for Invenio, a software framework for research data management. Invenio-Drafts-Resources prior to versions 0.13.7 and 0.14.6 does not properly check permissions when a record is published. The vulnerability is exploitable in a default...