2 matches found
PT-2024-29488 · Memos · Memos
Name of the Vulnerable Software and Affected Versions: memos versions 0.20.1 and earlier Description: A CORS misconfiguration exists in memos where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a cross-origin reques...
com.github.thinker0.heron:heron-common (>=1.0.0 <=1.0.7), com.github.thinker0.heron:heron-kafka-client (>=1.0.0 <=1.0.7) +1 more potentially affected by CVE-2021-42010 via org.apache.heron:heron-api (>=0.20.1-incubating <=0.20.4-incubating)
org.apache.heron:heron-api MAVEN version =0.20.1-incubating, =1.0.0, =1.0.0, =1.0.3, =1.0.7 Source cves: CVE-2021-42010 Source advisory: OSV:GHSA-95W5-Q9VP-5VRM...