EUVD-2024-3491

Malicious code in bioql PyPI...

EUVD-2024-2004

Malicious code in bioql PyPI...

TencentOS Server 4: pcs (TSSA-2024:1104)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1104 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Security Bulletin: IBM Software Support mobile app is vulnerable to multiple vulnerabilities due to 3rd party software

Summary This release includes information about multiple vulnerabilities, improving the overall security and stability of the application. The types of vulnerabilities resolved include: Axios Vulnerability: Addressed an issue that could potentially cause SSRF and credential leakage server and...

Linux Distros Unpatched Vulnerability : CVE-2024-55565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. CVE-2024-55565 Note that Nessus relies on the presence of the...

CVE-2024-36400

nano-id is a unique string ID generator for Rust. Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62...

Mishandling Non-integer Values

nanoid is vulnerable to Mishandling non-integer values. The vulnerability is due to insufficient input validation and inadequate type checking in earlier versions of Nano ID, which fails to properly handle non-integer values. It allows attackers to exploit the mishandling of input, leading to...

CVE-2024-55565

nanoid aka Nano ID before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version...

CVE-2024-55565

CVE-2024-55565 affects the Nano ID library. The issue is that nanoid mishandles non-integer values. The fixed versions noted are 5.0.9 and 3.3.8. There are no provided exploit details beyond this description. Affected scope includes Nano ID users relying on default generation behavior that could ...

sessions (>=0.2.0 <=0.6.0), viz (>=0.1.0-alpha.3 <=0.1.0-alpha.10) +1 more potentially affected by CVE-2024-36400 via nano-id (>=0.1.1 <=0.3.3)

nano-id CARGO version =0.1.1, =0.2.0, =0.1.0-alpha.3, =0.1.0, =0.1.2 Source cves: CVE-2024-36400 Source advisory: OSV:GHSA-9HC7-6W9R-WJ94...

GHSA-9HC7-6W9R-WJ94 Unable to generate the correct character set

Reduced entropy due to inadequate character set usage Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the...

Unable to generate the correct character set

Reduced entropy due to inadequate character set usage Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the...

GHSA-2HFW-W739-P7X5 Duplicate Advisory: nano-id reduced entropy due to inadequate character set usage

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9hc7-6w9r-wj94. This link is maintained to preserve external references. Original Description Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the...

Duplicate Advisory: nano-id reduced entropy due to inadequate character set usage

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9hc7-6w9r-wj94. This link is maintained to preserve external references. Original Description Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the...

CVE-2024-36400

nano-id is a unique string ID generator for Rust. Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62...

CVE-2024-36400 nano-id is unable to generate the correct character set

nano-id is a unique string ID generator for Rust. Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62...

CVE-2024-36400 nano-id is unable to generate the correct character set

nano-id is a unique string ID generator for Rust. Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62...

CVE-2024-36400 nano-id is unable to generate the correct character set

nano-id is a unique string ID generator for Rust. Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62...

sessions (>=0.2.0 <=0.6.0), viz (>=0.1.0-alpha.3 <=0.1.0-alpha.10) +1 more potentially affected by CVE-2024-36400 via nano-id (>=0.1.1 <=0.3.3)

nano-id CARGO version =0.1.1, =0.2.0, =0.1.0-alpha.3, =0.1.0, =0.1.2 Source cves: CVE-2024-36400 Source advisory: OSV:RUSTSEC-2024-0343...

RUSTSEC-2024-0343 Reduced entropy due to inadequate character set usage

Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62 symbols, and the base58 function used a...