5 matches found
MAL-2024-9423 Malicious code in ethers-eth (npm)
The package contains additional code to exfiltrate user private keys to an attack-controlled server...
MAL-2024-9421 Malicious code in ethers-6 (npm)
The package contains additional code to exfiltrate user private keys to an attack-controlled server...
Input validation
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to...
CVE-2022-23655 Missing server signature validation in OctoberCMS
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to...
CVE-2022-23655 Missing server signature validation in OctoberCMS
Octobercms is a self-hosted CMS platform based on the Laravel PHP Framework. Affected versions of OctoberCMS did not validate gateway server signatures. As a result non-authoritative gateway servers may be used to exfiltrate user private keys. Users are advised to upgrade their installations to...