4 matches found
EUVD-2006-1121
Malware in sbrugna...
PT-2023-31361 · Npm · @Koa/Cors
Name of the Vulnerable Software and Affected Versions: @koa/cors versions prior to 5.0.0 Description: The @koa/cors middleware for the koa web framework in Node.js has a security issue where it returns an Access-Control-Allow-Origin header with the value of the origin from the request if an allow...
Discover and Assess the Risk of Embedded Open-Source Software (OSS) Vulnerabilities
Runtime Software Composition Analysis with the Qualys Cloud Agent In a blog post published last week, we discussed the importance of managing risk across software developed in-house. A great deal of that risk is introduced by vulnerabilities in open-source packages like Log4Shell, OpenSSL, etc...
PT-2022-20466 · Bleve +1 · Bleve +1
Name of the Vulnerable Software and Affected Versions: Bleve affected versions not specified Description: The issue concerns the bleve/http package, which is used for demonstration purposes and lacks authentication, authorization, and validation of user inputs. This allows attackers to exploit a...