Cross-site Request Forgery (CSRF)

Overview rwsdk is a Build fast, server-driven webapps on Cloudflare with SSR, RSC, and realtime Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF through the serverAction process. An attacker can trigger unauthorized state changes or actions by inducing an...

PT-2024-36790

Name of the Vulnerable Software and Affected Versions pyrage versions 1.2.0 through 1.2.2 Description The issue concerns the execution of arbitrary binaries due to malicious plugin names, recipients, or identities. This can occur when a plugin name containing a path separator is provided to the a...

PT-2023-10820 · Segmentio · Is-Url

Name of the Vulnerable Software and Affected Versions: Segmentio is-url versions up to 1.2.2 Description: A vulnerability was found in the file index.js, leading to inefficient regular expression complexity. The attack may be launched remotely. Recommendations: For versions up to 1.2.2, upgrade t...

PT-2018-2779 · Quagga +5 · Quagga +5

Name of the Vulnerable Software and Affected Versions: Quagga versions prior to 1.2.3 Description: The issue is related to the implementation of the BGP protocol in Quagga software, specifically a double-free memory error when handling certain forms of UPDATE messages that contain cluster-list...