12 matches found
EUVD-2022-5127
Malicious code in bioql PyPI...
Malicious code in nuclide-marshalers-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb1c8b8e363dfc14973a0758f9f6d95d301205c087c81838fc1bc56da9dfc2b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4972 Malicious code in nuclide-marshalers-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb1c8b8e363dfc14973a0758f9f6d95d301205c087c81838fc1bc56da9dfc2b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-R83X-WJ75-V89R Nuclide Improper Input Validation
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This iss...
Nuclide Improper Input Validation
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This iss...
Remote Code Execution (RCE)
nuclide is vulnerable to remote code execution RCE. The vulnerability exists due to the lack of sanitization of hostname parameter for invalid character during hhvm-attach deep link handler request, allowing the malicious code to be entered via the parameter...
CVE-2018-6333
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This iss...
Remote code execution
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This iss...
CVE-2018-6333
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This iss...
CVE-2018-6333
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This iss...
CVE-2018-6333
The CVE-2018-6333 issue affects Nuclide’s hhvm-attach deep link handler, where the hostname parameter was not properly sanitized when rendering, allowing a malicious URL to render HTML inside the editor and potentially chain to code execution. Affected releases are Nuclide prior to v0.290.0. Miti...
CVE-2018-6333
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content inside of the editor's context, which could potentially be chained to lead to code execution. This iss...