31 matches found
EUVD-2022-3863
Malicious code in bioql PyPI...
Malicious code in nstmrt-stf-api-poc (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 29e69957371cd4fe181aa65e4f774a3c807e8ff11ebda5f2226dd881f89961ae The OpenSSF Package Analysis project identified 'nstmrt-stf-api-poc' ...
MAL-2025-5249 Malicious code in nstmrt-stf-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0da052c315a64ad23ddcebd853a91fc2f81597d0cd587326b5f7554911cc9d73 The OpenSSF Package Analysis project identified 'nstmrt-stf-api' @ 1.0.10 npm as malicious. It is considered malicious because: - The package...
Malicious code in nstmrt-stf-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0da052c315a64ad23ddcebd853a91fc2f81597d0cd587326b5f7554911cc9d73 The OpenSSF Package Analysis project identified 'nstmrt-stf-api' @ 1.0.10 npm as malicious. It is considered malicious because: - The package...
CVE-2023-51839
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...
CVE-2023-52740
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch. The RFI and STF security mitigation options can flip the interrupt_exit_not_reentrant static branch condition concurrently with the interrupt exit code...
CVE-2023-52740
The CVE-2023-52740 issue affects the Linux kernel on powerpc64s where a race occurs during interrupt exit with security mitigations (RFI/STF). The root cause is that the interrupt_exit_not_reentrant condition can be flipped concurrently with the interrupt exit tests that set MSR[EE|RI], and then ...
Important: Red Hat Security Advisory: Service Telemetry Framework 1.5.4 security update
An update is now available for Service Telemetry Framework 1.5.4 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
GHSA-7XM8-WJQ7-88R5 DeviceFarmer stf uses DES-ECB
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...
DeviceFarmer stf uses DES-ECB
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...
CVE-2023-51839
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...
CVE-2023-51839
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...
CVE-2023-51839
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm...
CVE-2023-51839
DeviceFarmer STF v3.6.6 is affected by CVE-2023-51839 due to use of a broken or risky cryptographic algorithm, specifically DES-ECB. This weak cryptography vulnerability is repeatedly reported across multiple sources (GHSA/Veracode/CNNVD) and is rated high in CVSS metrics (Network, high confident...
Moderate: Red Hat Security Advisory: Service Telemetry Framework 1.5 security update
An update is now available for Service Telemetry Framework 1.5. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Important: Red Hat Security Advisory: Service Telemetry Framework 1.4 security update
An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Jenkins Open STF Plugin stores credentials in plain text
Jenkins Open STF Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
GHSA-G2RP-QWRQ-QQQQ Jenkins Open STF Plugin stores credentials in plain text
Jenkins Open STF Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Important: Red Hat Security Advisory: Service Telemetry Framework 1.3 (sg-core-container) security update
An update for sg-core-container is now available for Service Telemetry Framework 1.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Service Telemetry Framework 1.4 (sg-core-container) security update
An update for sg-core-container is now available for Service Telemetry Framework 1.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...