9 matches found
EUVD-2023-48045
Malicious code in bioql PyPI...
CVE-2023-43656
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions those that have generic.allowJsTransformationFunctions in their config, may be vulnerable to an attack where it is possible to break out of...
CVE-2023-43656
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions those that have generic.allowJsTransformationFunctions in their config, may be vulnerable to an attack where it is possible to break out of...
CVE-2023-43656 Sandbox escape for instances that have enabled transformation functions in matrix-hookshot
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions those that have generic.allowJsTransformationFunctions in their config, may be vulnerable to an attack where it is possible to break out of...
CVE-2023-43656 Sandbox escape for instances that have enabled transformation functions in matrix-hookshot
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions those that have generic.allowJsTransformationFunctions in their config, may be vulnerable to an attack where it is possible to break out of...
CVE-2023-43656
CVE-2023-43656 affects matrix-hookshot. When transformation functions are enabled (generic.allowJsTransformationFunctions), an attacker could break out of the vm2 sandbox, making Hookshot vulnerable. This primarily concerns instances where untrusted users can apply their own transformation functi...
CVE-2023-43656 Sandbox escape for instances that have enabled transformation functions in matrix-hookshot
matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances that have enabled transformation functions those that have generic.allowJsTransformationFunctions in their config, may be vulnerable to an attack where it is possible to break out of...
PT-2023-28902 · Github +2 · Github +2
Name of the Vulnerable Software and Affected Versions: matrix-hookshot versions prior to 4.5.0 Description: The issue affects matrix-hookshot, a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Instances with enabled transformation functions, specifically those...
OSV-2020-1534 Use-of-uninitialized-value in void transform_idct_add<unsigned short>
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23918 Crash type: Use-of-uninitialized-value Crash state: void transformidctadd transform8x8add16fallback void accelerationfunctions::transformadd...