Lucene search
K

8 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in toxiproxy (npm)

The package toxiproxy was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-37116 Malicious code in toxiproxy (npm)

The package toxiproxy was found to contain malicious code...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.17 views

Fedora: Security Advisory for golang-github-shopify-toxiproxy (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/07/30 2:0 a.m.17 views

[SECURITY] Fedora 36 Update: golang-github-shopify-toxiproxy-2.1.4-11.fc36

Toxiproxy is a framework for simulating network conditions. It's made specifically to work in testing, CI and development environments, supporting deterministic tampering with connections, but with support for randomized chaos and customization. Toxiproxy is the tool you need to prove with tests...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2022/07/18 12:0 a.m.19 views

Fedora: Security Advisory for golang-github-shopify-toxiproxy (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.1AI score
Exploits0References2
Fedora
Fedora
added 2022/07/17 1:16 a.m.42 views

[SECURITY] Fedora 35 Update: golang-github-shopify-toxiproxy-2.1.4-10.fc35

Toxiproxy is a framework for simulating network conditions. It's made specifically to work in testing, CI and development environments, supporting deterministic tampering with connections, but with support for randomized chaos and customization. Toxiproxy is the tool you need to prove with tests...

9.3CVSS8.2AI score0.05994EPSS
Exploits3
Veracode
Veracode
added 2017/06/28 5:24 a.m.4 views

Same-Origin Policy Bypass

github.com/shopify/toxiproxy is vulnerable to same-origin policy bypass. A malicious user can use the library to bypass web browsers same origin policy and obtain sensitive information...

6.6AI score
Exploits0
Hacker One
Hacker One
added 2017/06/04 4:15 a.m.49 views

Shopify: [out-of-scope] toxiproxy: Lack of CSRF protection allows an attacker to gain access to internal Shopify network

Disclaimer In case this report ever becomes public I wanted to start it out with a disclaimer so it doesn't become referenced an example for out-of-scope/policy violating submissions in the future: At the time of submission this report is out-of-scope and as such I have no expectations of reward...

7.4AI score
Exploits0
Rows per page
Query Builder