Lucene search
K

4 matches found

Snyk
Snyk
added 2025/11/07 11:41 p.m.2 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to insufficient peer verification logic in the verifyPeerCert function. An attacker can impersonate privileged API components and execute unauthorized operations by compromising a single instance and...

6.5CVSS5.5AI score0.00181EPSS
Exploits1References2
Snyk
Snyk
added 2023/06/08 8:21 a.m.3 views

Information Exposure

Overview logstash-core is a scalable log and event management tool. Affected versions of this package are vulnerable to Information Exposure due to allowing remote attackers to read communications between Logstash Forwarder agent and Logstash server. Remediation Upgrade logstash-core to version...

7.5CVSS6.9AI score0.02462EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/05 12:0 a.m.3 views

PT-2023-17240 · Hashicorp · Nomad Enterprise +1

Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions 1.5.0 through 1.5.2 Description: The issue allows unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This can lead to unauthorized access and...

9.9CVSS7.3AI score0.00759EPSS
Exploits0References13
Snyk
Snyk
added 2022/01/05 3:31 p.m.4 views

Information Exposure

Overview std/math/big is a Go standard library package std/math/big Affected versions of this package are vulnerable to Information Exposure. Go Vulnerability Report: Int.Exp Montgomery mishandled carry propagation and produced an incorrect output, which makes it easier for attackers to obtain...

8.7CVSS6.4AI score0.02627EPSS
Exploits0References3
Rows per page
Query Builder