3 matches found
EUVD-2024-1036
Malicious code in bioql PyPI...
CVE-2024-28867
Swift Prometheus is a Swift client for the Prometheus monitoring system, supporting counters, gauges and histograms. In code which applies un-sanitized string values into metric names or labels, an attacker could make use of this and send a ?lang query parameter containing newlines, or similar...
CVE-2024-28867
Summary (CVE-2024-28867): Swift Prometheus contains a vulnerability where unsanitized string values used in metric names or labels can be crafted via a ?lang query parameter to inject special characters, potentially leading to unbounded metric growth and memory usage. The issue is described acros...