Lucene search
K

4 matches found

Snyk
Snyk
added 2026/05/05 6:42 p.m.8 views

Open Redirect

Overview @workos/authkit-session is a Framework-agnostic authentication library for WorkOS with pluggable storage adapters Affected versions of this package are vulnerable to Open Redirect via the handleCallback function when processing the returnPathname value derived from the OAuth state...

5.3CVSS5.8AI score0.00196EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/16 10:41 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of validation on attacker-controlled counts and lengths in the SPDY/3 frame parser. An attacker can exhaust process memory and cause an out-of-memory crash by sending ...

8.7CVSS5.4AI score0.00656EPSS
Exploits0References2
Snyk
Snyk
added 2025/05/01 6:27 a.m.4 views

Arbitrary Command Injection

Overview @cdklabs/cdk-proserve-lib is an AWS CDK library containing constructs, aspects, and patterns. Affected versions of this package are vulnerable to Arbitrary Command Injection due to forgetting to export the new Aspect. An attacker can compromise insecure resource policy settings,...

9.8CVSS7.3AI score
Exploits0References3
Snyk
Snyk
added 2024/10/01 6:37 a.m.1 views

Race Condition

Overview ophyd-async is an Asynchronous Bluesky hardware abstraction code, compatible with control systems like EPICS and Tango Affected versions of this package are vulnerable to Race Condition when setting one signal and monitoring another. This issue could lead to missed signal changes or...

8.3CVSS6.9AI score
Exploits0References3
Rows per page
Query Builder