4 matches found
GHSA-C23C-RP3M-VPG3 Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Summary At the rate limit filter, if we enabled the response phase limit with applyonstreamdone in the rate limit configuration and the response phase limit request fails directly, it may crash Envoy. Details When both the request phase limit and response phase limit are enabled, the safe gRPC...
EUVD-2025-27478
Malicious code in bioql PyPI...
CVE-2025-58442
Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of accountRegister may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the...
PT-2025-36939
Name of the Vulnerable Software and Affected Versions: Saleor versions 3.21.0 through 3.21.15 Description: Saleor is an e-commerce platform. Requesting certain fields in the response of the accountRegister API endpoint may reveal whether a user with a provided email address already exists in the...