8 matches found
CVE-2026-58658
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port...
CVE-2026-58658
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port...
EUVD-2026-44750
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port...
CVE-2026-29779 UptimeFlare: Montior config / Credentials in `workerConfig` exposed in client-side JavaScript bundle
UptimeFlare is a serverless uptime monitoring & status page solution, powered by Cloudflare Workers. Prior to commit 377a596, configuration file uptime.config.ts exports both pageConfig safe for client use and workerConfig server-only, contains sensitive data from the same module. Due to...
CVE-2026-29779 UptimeFlare: Montior config / Credentials in `workerConfig` exposed in client-side JavaScript bundle
UptimeFlare is a serverless uptime monitoring & status page solution, powered by Cloudflare Workers. Prior to commit 377a596, configuration file uptime.config.ts exports both pageConfig safe for client use and workerConfig server-only, contains sensitive data from the same module. Due to...
EUVD-2026-10152
UptimeFlare is a serverless uptime monitoring & status page solution, powered by Cloudflare Workers. Prior to commit 377a596, configuration file uptime.config.ts exports both pageConfig safe for client use and workerConfig server-only, contains sensitive data from the same module. Due to...
CVE-2026-29779
UptimeFlare (serverless uptime monitoring using Cloudflare Workers) had server-only configuration, workerConfig, exported from the same module as safe client data. Prior to commit 377a596, pages/incidents.tsx imported workerConfig into a client-side component, causing the entire workerConfig obje...
CVE-2026-29779 UptimeFlare: Montior config / Credentials in `workerConfig` exposed in client-side JavaScript bundle
UptimeFlare is a serverless uptime monitoring & status page solution, powered by Cloudflare Workers. Prior to commit 377a596, configuration file uptime.config.ts exports both pageConfig safe for client use and workerConfig server-only, contains sensitive data from the same module. Due to...