9 matches found
EUVD-2025-31664
Malicious code in bioql PyPI...
CVE-2025-61584
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
CVE-2025-61584
serverless-dns (versions up to 0.1.30) contains a vulnerability in the pr.yml GitHub Action where unsafe input (github.event.pull_request.head.repo.clone_url and github.head_ref) is interpolated into a command executed by the runner. Because the action uses the pull_request_target trigger, it run...
CVE-2025-61584 serverless-dns is vulnerable to Command Injection through pr.yml GitHub Action Workflow
serverless-dns is a RethinkDNS resolver that deploys to Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. Versions through abd including 0.1.30 have a vulnerability where the pr.yml GitHub Action interpolates in an unsafe manner untrusted input, specifically the...
PT-2025-39926
Name of the Vulnerable Software and Affected Versions serverless-dns versions through 0.1.30 Description serverless-dns is a RethinkDNS resolver that deploys to various platforms including Cloudflare Workers, Deno Deploy, Fastly, and Fly.io. A flaw exists where the pr.yml GitHub Action interpolat...
serverless-dns 命令注入漏洞
serverless-dns is a DNS resolver from serverless-dns open source. A command injection vulnerability exists in serverless-dns version 0.1.30 and earlier, which stems from the pr.yml GitHub Action inserting untrusted input in an insecure manner, which could lead to the execution of attacker code...