Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/05/11 9:20 p.m.5 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in the logging process. An attacker can access sensitive information by obtaining the local sqlite database, which may contain file content that should have been...

6.8CVSS5.5AI score0.00106EPSS
Exploits0References2
RustSec
RustSec
added 2025/11/24 12:0 p.m.8 views

Missing check in ZK proof in CGGMP21 Threshold Signing Protocol

Vulnerability concerns a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full private key. Patches cggmp21 v0.6.3 is a patch release that contains a fix that introduces this specific missing check. However, we recommend upgrading to cggmp24...

9.3CVSS6.7AI score0.00166EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2025/03/01 6:38 a.m.6 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion due to a missing maximum tree depth check in emitter functions. Remediation Upgrade rapidyaml to version 0.7.0 or higher. References - GitHub Commit - GitHub PR...

6.9CVSS6.8AI score
Exploits0References3
OSV
OSV
added 2024/10/04 8:15 p.m.11 views

AZL-50114 CVE-2024-47764 affecting package reaper for versions less than 3.1.1-13

cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...

6.9CVSS6.7AI score0.00744EPSS
Exploits0References1
Rows per page
Query Builder