3 matches found
EUVD-2022-0153
Malicious code in bioql PyPI...
CVE-2024-53994
Discourse is an open source platform for community discussion. In affected versions users who disable chat in preferences could still be reachable in some cases. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable...
CVE-2023-49799 Server-Side Request Forgery in nuxt-api-party
nuxt-api-party is an open source module to proxy API requests. nuxt-api-party attempts to check if the user has passed an absolute URL to prevent the aforementioned attack. This has been recently changed to use the regular expression ^https?://, however this regular expression can be bypassed by ...