8 matches found
CVE-2025-67733
Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...
EUVD-2024-0403
Malicious code in bioql PyPI...
Cross-site Scripting (XSS)
urql/next is vulnerable to Cross-site scripting XSS. The vulnerability is due to improper sanitization of HTML-like characters in the response stream. An attacker can inject malicious scripts by ensuring that the response returns html tags and that the web-application is using streamed responses...
GHSA-QHJF-HM5J-335W @urql/next Cross-site Scripting vulnerability
impact The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is due to improper escaping of html-like characters in the response-stream...
@urql/next Cross-site Scripting vulnerability
impact The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is due to improper escaping of html-like characters in the response-stream...
CVE-2024-24556
urql is a GraphQL client that exposes a set of helpers for several frameworks. The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is...
CVE-2024-24556 XSS in @urql/next
urql is a GraphQL client that exposes a set of helpers for several frameworks. The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is...
CVE-2024-24556 XSS in @urql/next
urql is a GraphQL client that exposes a set of helpers for several frameworks. The @urql/next package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns html tags and that the web-application is using streamed responses non-RSC. This vulnerability is...