Lucene search
+L

5 matches found

Snyk
Snyk
added 2025/12/17 8:38 p.m.4 views

Use of a Broken or Risky Cryptographic Algorithm

Overview Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm when storing encrypted data keys in an instruction file. An attacker with write access to the S3 bucket can manipulate encrypted data keys to cause decryption to unintended plaintext by...

6CVSS6.7AI score0.00097EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/02 8:11 p.m.26 views

CVE-2025-0782

...

Exploits0
OSV
OSV
added 2025/03/20 12:32 p.m.4 views

GHSA-XX7C-J7H3-VJCQ TorchServe script references S3 bucket without ensuring ownership or confirming accessibility

In the latest version of pytorch/serve, the script 'uploadresultstos3.sh' references the S3 bucket 'benchmarkai-metrics-prod' without ensuring its ownership or confirming its accessibility. This could lead to potential security vulnerabilities or unauthorized access to the bucket if it is not...

6.3CVSS7AI score0.00362EPSS
Exploits0References3
CVE
CVE
added 2025/03/20 10:10 a.m.45 views

CVE-2024-6577

CVE-2024-6577 affects pytorch/serve. The script upload_results_to_s3.sh references the S3 bucket benchmarkai-metrics-prod without verifying ownership or accessibility, potentially enabling data exposure or unauthorized modifications if the bucket is not properly secured. No explicit remediation o...

6.3CVSS6.5AI score0.00362EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.7 views

CVE-2024-6583 Path Traversal in stangirard/quivr

A path traversal vulnerability exists in the latest version of stangirard/quivr. This vulnerability allows an attacker to upload files to arbitrary paths in an S3 bucket by manipulating the file path in the upload request...

4.3CVSS4.8AI score0.00547EPSS
Exploits1References1
Rows per page
Query Builder