7 matches found
EUVD-2025-20270
Malicious code in bioql PyPI...
CVE-2025-53375
Dokploy is a self-hostable Platform as a Service PaaS that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik process user can access e.g., /etc/passwd, application source, environment variable files containing...
CVE-2025-53375 Dokploy allows attackers to read any file that the Traefik process user can access
Dokploy is a self-hostable Platform as a Service PaaS that simplifies the deployment and management of applications and databases. An authenticated attacker can read any file that the Traefik process user can access e.g., /etc/passwd, application source, environment variable files containing...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to excessive resource consumption in handleclosebracket. PoC python3 -c 'print"" 10000' Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and...
GHSA-636F-XM5J-PJ9M Several quadratic complexity bugs may lead to denial of service in Commonmarker
Impact Several quadratic complexity bugs in commonmarker's underlying cmark-gfm library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: CVE-2023-22483 CVE-2023-22484 CVE-2023-22485 CVE-2023-22486 For more information, consu...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to several polynomial time complexity issues that may lead to unbounded resource exhaustion. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intende...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the validateprotocol function in extensions/autolink.c, which exposes malloc metadata. NOTE: The maintainers believe this is harmless. PoC sh echo "to:[email protected]" | ./src/cmark-gfm -e autolink Remediation...