Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2026/01/14 6:37 a.m.3 views

EUVD-2026-2663

Malicious code in transitive-req PyPI...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/24 11:9 p.m.6 views

Malicious code in puny-req (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b37178e16f3045461008067eca9077a2b41c9c0809b2fd8b3082038a7b74ab3 The package puny-req was found to contain malicious code. Source: ghsa-malware 4ed85c7d479a94c8140d2a0d11769e23097d68af45d550610438f446986c3cbb Any...

6.9AI score
Exploits0References4
OSV
OSVadded 2025/07/15 3:59 a.m.3 views

MAL-2025-5947 Malicious code in pino-req (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2659b9b4bc1c25e48f12927e3b920f8b1eacccf6ddd951b110537a31a062ccf5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 10:31 a.m.3 views

CVE-2024-45258

The req package before 3.43.4 for Go may send an unintended request when a malformed URL is provided, because cleanHost in http.go intentionally uses a "garbage in, garbage out" design...

9.8CVSS6.8AI score0.00724EPSS
Exploits0References1
OSV
OSVadded 2024/08/25 10:15 p.m.9 views

CVE-2024-45258

The req package before 3.43.4 for Go may send an unintended request when a malformed URL is provided, because cleanHost in http.go intentionally uses a "garbage in, garbage out" design...

9.8CVSS9.5AI score
Exploits0References2
NVD
NVDadded 2024/08/25 10:15 p.m.13 views

CVE-2024-45258

The req package before 3.43.4 for Go may send an unintended request when a malformed URL is provided, because cleanHost in http.go intentionally uses a "garbage in, garbage out" design...

9.8CVSS0.00724EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/08/25 12:0 a.m.10 views

CVE-2024-45258

The req package before 3.43.4 for Go may send an unintended request when a malformed URL is provided, because cleanHost in http.go intentionally uses a "garbage in, garbage out" design...

7.2AI score0.00724EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/08/25 12:0 a.m.11 views

CVE-2024-45258

The req package before 3.43.4 for Go may send an unintended request when a malformed URL is provided, because cleanHost in http.go intentionally uses a "garbage in, garbage out" design...

0.00724EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/08/25 12:0 a.m.3 views

PT-2024-31514 · Req · Req

Name of the Vulnerable Software and Affected Versions: req package versions prior to 3.43.4 Description: The req package may send an unintended request when a malformed URL is provided, due to the cleanHost function in http.go using a "garbage in, garbage out" design. This can lead to security...

9.8CVSS8.2AI score0.00724EPSS
Exploits0References17
CVE
CVEadded 2024/08/25 12:0 a.m.62 views

CVE-2024-45258

CVE-2024-45258 affects the Go req package prior to 3.43.4. The root cause is the cleanHost implementation in http.go using a “garbage in, garbage out” design, which may cause the library to send an unintended HTTP request when a malformed URL is provided. Public documents describe potential secur...

9.8CVSS7AI score0.00724EPSS
Exploits0References2
Rows per page
Query Builder