36 matches found
EUVD-2021-0864
Malware in sbrugna...
EUVD-2018-0577
Malware in sbrugna...
EUVD-2018-0773
Malware in sbrugna...
CVE-2020-27543
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
MAL-2024-8762 Malicious code in falcor-restify-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d65bd1e0827a70f5ef5dcd48080f47b4954d22f07cdba313bf94bb7508d4f1f7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in falcor-restify-demo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d65bd1e0827a70f5ef5dcd48080f47b4954d22f07cdba313bf94bb7508d4f1f7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Denial of Service (DoS) in restify-paginate
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
GHSA-QR9H-VR5P-PWWX Denial of Service (DoS) in restify-paginate
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
Denial Of Service (DoS)
restify-paginate is vulnerable to denial of service. An attacker is able to crash the application by omitting the HTTP Host header in the HTTP request...
CVE-2020-27543
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
CVE-2020-27543
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
Design/Logic Flaw
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
CVE-2020-27543
CVE-2020-27543 affects the restify-paginate package for Node.js (version 0.0.5). The vulnerability allows remote attackers to cause a Denial of Service by omitting the HTTP Host header, leading a Restify-based service to crash with an uncaught exception. Connected advisories (including Red Hat, G...
CVE-2020-27543
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception...
Paul Varache restify-paginate security vulnerability
Paul Varache restify-paginate is a Paul Varache open source application. A middleware that helps navigation between pages. A security vulnerability in restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a denial of service by ignoring HTTP host headers...
peanut-restify (>=1.1.0 <=1.1.66) potentially affected by unknown CVE via restify-swagger-jsdoc (>=1.1.2 <=1.2.1)
restify-swagger-jsdoc NPM version =1.1.2, =1.1.0, =1.1.66 Source cves: unknown CVE Source advisory: OSV:GHSA-GVFF-25CC-4F66...
GHSA-GVFF-25CC-4F66 Path Traversal in restify-swagger-jsdoc
Versions of restify-swagger-jsdoc prior to 3.2.1 are vulnerable to Path Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths. Recommendation Upgrade to version 3.2.1 or later...
Path Traversal in restify-swagger-jsdoc
Versions of restify-swagger-jsdoc prior to 3.2.1 are vulnerable to Path Traversal. The package fails to properly sanitize URLs, which may allow attackers to access server files outside the swagger-ui folder by using relative paths. Recommendation Upgrade to version 3.2.1 or later...
Node.js: Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests
Summary: Node.js is vulnerable to HTTP denial of service DOS attacks based on delayed requests submission which can make the server unable to accept new connections. Description: An attacker can open an arbitrary number of HTTP connections and keep the server busy by never completing the request...
Cross-Site Scripting (XSS) in restify
Affected versions of restify are susceptible to a cross-site scripting vulnerability when using URL encoded script tags in a non-existent URL. Proof of Concept: Request https://localhost:3000/no5such3file7.pl?%22%3E%3Cscript%3Ealert73541;%3C/script%3E Will be included in response: alert73541;...