Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.58 views

EUVD-2025-24265

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00359EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/14 3:49 p.m.16 views

CVE-2025-54864

Hydra is a continuous integration service for Nix based projects. Prior to commit f7bda02, /api/push-github and /api/push-gitea are called by the corresponding forge without HTTP Basic authentication. Both forges do however feature HMAC signing with a secret key. Triggering an evaluation can be...

7.5CVSS7AI score0.00359EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 3:48 p.m.6 views

CVE-2025-54864 Hydra missing authentication when triggering evaluations through GitHub and Gitea plugins

Hydra is a continuous integration service for Nix based projects. Prior to commit f7bda02, /api/push-github and /api/push-gitea are called by the corresponding forge without HTTP Basic authentication. Both forges do however feature HMAC signing with a secret key. Triggering an evaluation can be...

6.9CVSS7AI score0.00359EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/08/12 3:48 p.m.4 views

CVE-2025-54864

Hydra is a continuous integration service for Nix based projects. Prior to commit f7bda02, /api/push-github and /api/push-gitea are called by the corresponding forge without HTTP Basic authentication. Both forges do however feature HMAC signing with a secret key. Triggering an evaluation can be...

7.5CVSS6.8AI score0.00359EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.5 views

Hydra 访问控制错误漏洞

Hydra is a Nix open source continuous integration service based on the Nix project. An access control error vulnerability exists in versions prior to Hydra f7bda02, which stems from the lack of HTTP basic authentication in /api/push-github and /api/push-gitea, which could lead to a denial of...

7.5CVSS6.5AI score0.00359EPSS
Exploits0References2
Rows per page
Query Builder