Lucene search
+L

6 matches found

PyPA
PyPA
added 2026/06/02 9:16 a.m.4 views

PYSEC-2026-2261

In version 3.6.19 of prefecthq/prefect, an authentication bypass vulnerability exists due to the improper handling of URL path exemptions for health check probes. Specifically, the authentication middleware exempts any URL path ending with 'health' or 'ready' from authentication checks. This allo...

7.5CVSS7AI score0.00476EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.10 views

CVE-2023-50724

Resque pronounced like "rescue" is a Redis-backed library for creating background jobs, placing those jobs on multiple queues, and processing them later. resque-web in resque versions before 2.1.0 are vulnerable to reflected XSS through the currentqueue parameter in the path of the queues endpoin...

6.3CVSS6.3AI score0.00484EPSS
Exploits1References1
Snyk
Snyk
added 2023/12/18 7:34 p.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the currentqueue parameter in the path of the queues endpoint. An attacker can manipulate the output displayed to the user by injecting malicious scripts into the web page. Details Cross-site scripting or XS...

6.3CVSS5.3AI score0.00484EPSS
Exploits1References2
Snyk
Snyk
added 2023/12/18 7:33 p.m.4 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the currentqueue portion of the path on the /queues endpoint. An attacker can manipulate the output of the web page by injecting malicious scripts into the URL path. Details Cross-site scripting or XSS is a...

6.3CVSS5.3AI score0.00514EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.8 views

PT-2023-31623 · Resque · Resque

Name of the Vulnerable Software and Affected Versions: Resque versions prior to 2.1.0 Description: The issue is related to reflected Cross Site Scripting XSS through the current queue parameter in the path of the queues endpoint. This allows for potential exploitation by manipulating the endpoint...

6.3CVSS5.9AI score0.00484EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.8 views

PT-2023-31625 · Resque · Resque

Name of the Vulnerable Software and Affected Versions: Resque versions prior to 2.6.0 Description: A reflected XSS issue occurs when the /queues endpoint is appended with malicious input, such as ". This allows for cross-site scripting attacks. The estimated number of potentially affected devices...

6.3CVSS5.8AI score0.00514EPSS
Exploits0References11
Rows per page
Query Builder