14 matches found
PT-2026-32983
Name of the Vulnerable Software and Affected Versions Giskard versions prior to 1.0.2b1 Description The RegexMatching check in the giskard-checks package passes a user-supplied regular expression pattern directly to the Python re.search function without a timeout, complexity guard, or pattern...
EUVD-2019-0309
Malware in sbrugna...
Malicious code in app-bridge-testing-library (npm)
The package app-bridge-testing-library was found to contain malicious code...
MAL-2025-14661 Malicious code in app-bridge-testing-library (npm)
The package app-bridge-testing-library was found to contain malicious code...
SUSE CVE-2024-58036
Net::Dropbox::API 1.9 and earlier for Perl uses the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. Specifically Net::Dropbox::API uses the Data::Random library which specifically states that it is "Useful mostly for test...
CVE-2024-39878
In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection...
Fedora: Security Advisory for rust-cargo-insta (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: rust-cargo-insta-1.38.0-2.fc39
A review tool for the insta snapshot testing library for Rust...
[SECURITY] Fedora 40 Update: rust-cargo-insta-1.38.0-2.fc40
A review tool for the insta snapshot testing library for Rust...
MAL-2022-7391 Malicious code in zilliqa-testing-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 84efbae60bf31c7ffeddbcaee26616114654695b402b38559875c541236107a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in zilliqa-testing-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 84efbae60bf31c7ffeddbcaee26616114654695b402b38559875c541236107a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
[SECURITY] Fedora 35 Update: rust-insta-1.11.0-1.fc35
Snapshot testing library for Rust...
Fedora: Security Advisory for rust-insta (FEDORA-2022-f3b8d958e8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-10653
CVE-2016-10653 concerns the xd-testing package, where the library downloads binary resources over HTTP. The root issue is insecure HTTP transfer of executables, enabling a network-position attacker to intercept the response and replace the binary, potentially leading to remote code execution on t...