31960 matches found

Snyk, added 2026/05/06 11:14 p.m., 8 views

Improper Verification of Cryptographic Signature

Overview: axonflow is an AxonFlow Python SDK - Enterprise AI Governance in 3 Lines of Code. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the lack of exposure of the HMAC-SHA256 signing key in the SDK's typed API, which prevents...

CVSS 8.2, AI score 5.8
Exploits: 0, References: 3
Snyk, added 2026/05/06 11:10 p.m., 7 views

Missing Release of Resource after Effective Lifetime

Overview: Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime in the handling of TCP connections with ALLOWHALFCLOSURE enabled when a remote peer sends a FIN followed by a RST. An attacker can cause resource exhaustion or high CPU utilization by...

CVSS 8.7, AI score 5.8, EPSS 0.00408
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:05 p.m., 7 views

Memory Allocation with Excessive Size Value

Overview: Nerdbank.MessagePack is a modern, fast and NativeAOT-compatible MessagePack serialization library. Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the TryRead timestamp decoder in MessagePackPrimitives.Readers.cs. An attacker can crash...

CVSS 8.7, AI score 5.8, EPSS 0.00358
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:04 p.m., 11 views

Incorrect Authorization

Overview: @backstage/plugin-catalog-backend-module-unprocessed is a Backstage Catalog module to view unprocessed entities. Affected versions of this package are vulnerable to Incorrect Authorization in the unprocessed entities read endpoints. An attacker can gain unauthorized access to sensitive...

CVSS 5.3, AI score 5.8, EPSS 0.00165
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:02 p.m., 8 views

Open Redirect

Overview: org.webjars.npm:nitropack (Build and Deploy Universal JavaScript Servers). Affected versions of this package are vulnerable to Open Redirect via the routeRules function. An attacker can redirect users to arbitrary external sites by crafting URLs with double slashes after the route...

CVSS 6.1, AI score 5.9, EPSS 0.00237
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:02 p.m., 10 views

Open Redirect

Overview: nitropack (Build and Deploy Universal JavaScript Servers). Affected versions of this package are vulnerable to Open Redirect via the routeRules function. An attacker can redirect users to arbitrary external sites by crafting URLs with double slashes after the route prefix, causing...

CVSS 6.1, AI score 5.9, EPSS 0.00237
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:02 p.m., 8 views

Open Redirect

Overview: nitro (Build and Deploy Universal JavaScript Servers). Affected versions of this package are vulnerable to Open Redirect via the routeRules function. An attacker can redirect users to arbitrary external sites by crafting URLs with double slashes after the route prefix, causing browsers...

CVSS 6.1, AI score 5.9, EPSS 0.00237
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:01 p.m., 8 views

Directory Traversal

Overview: nitropack (Build and Deploy Universal JavaScript Servers). Affected versions of this package are vulnerable to Directory Traversal via the routeRules function. An attacker can access files or endpoints outside the intended proxy scope by sending specially crafted URLs containing...

CVSS 6.9, AI score 6.3, EPSS 0.00392
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:01 p.m., 6 views

Directory Traversal

Overview: org.webjars.npm:nitropack (Build and Deploy Universal JavaScript Servers). Affected versions of this package are vulnerable to Directory Traversal via the routeRules function. An attacker can access files or endpoints outside the intended proxy scope by sending specially crafted URLs...

CVSS 6.9, AI score 6.3, EPSS 0.00392
Exploits: 0, References: 2
Snyk, added 2026/05/06 11:01 p.m., 13 views

Directory Traversal

Overview: nitro (Build and Deploy Universal JavaScript Servers). Affected versions of this package are vulnerable to Directory Traversal via the routeRules function. An attacker can access files or endpoints outside the intended proxy scope by sending specially crafted URLs containing...

CVSS 6.9, AI score 6.3, EPSS 0.00392
Exploits: 0, References: 2
Snyk, added 2026/05/06 10:40 p.m., 7 views

Timing Attack

Overview: pyquorum is a cryptographic library for secret sharing and key management, powered by Rust. Affected versions of this package are vulnerable to Timing Attack via the mulmod function, which implements multiplication via a binary expansion loop whose execution time depends on the Hamming weight of the...

CVSS 6.9, AI score 6, EPSS 0.00314
Exploits: 0, References: 2
Snyk, added 2026/05/06 10:32 p.m., 7 views

Improper Verification of Cryptographic Signature

Overview: Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the azureauthextension method. An attacker can gain unauthorized access to telemetry ingestion endpoints by replaying a valid Azure access token for any scope the configured identity c...

CVSS 8.1, AI score 5.8, EPSS 0.00222
Exploits: 1, References: 3
Snyk, added 2026/05/06 10:31 p.m., 9 views

Cross-site Request Forgery (CSRF)

Overview: misp-modules: MISP modules are autonomous modules that can be used for expansion and other services in MISP. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the home blueprint, which was exempted from CSRF protection. An attacker can perform...

CVSS 9.3, AI score 5.5, EPSS 0.00185
Exploits: 0, References: 2
Snyk, added 2026/05/06 10:31 p.m., 13 views

Server-side Request Forgery (SSRF)

Overview: misp-modules: MISP modules are autonomous modules that can be used for expansion and other services in MISP. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the htmltomarkdown and qrcode modules when handling remote resource fetching. An attacke...

CVSS 8.3, AI score 5.5, EPSS 0.00102
Exploits: 0, References: 2
Snyk, added 2026/05/06 10:26 p.m., 7 views

Improper Authentication

Overview: fast-jwt is a fast JSON Web Token implementation. Affected versions of this package are vulnerable to Improper Authentication in the async key resolver when it returns an empty string or zero-length buffer. An attacker can gain unauthorized access and assume arbitrary identities by forgin...

CVSS 9.1, AI score 5.9, EPSS 0.00236
Exploits: 0, References: 3
Snyk, added 2026/05/06 10:10 p.m., 6 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection via the processFuzzySearch function. An attacker can access and extract the entire database contents by supplying crafted input to the column parameter in the HTTP API, which is directly interpolated into raw SQL statement...

CVSS 7.1, AI score 5.9, EPSS 0.00305
Exploits: 0, References: 2
Snyk, added 2026/05/06 10:08 p.m., 10 views

Arbitrary Code Injection

Overview: PraisonAI is an AI Agents Framework with Self Reflection. The PraisonAI application combines PraisonAI Agents, AutoGen, and CrewAI into a low-code solution for building and managing multi-agent LLM systems, focusing on simplicity, customisation, and efficient human-agent...

CVSS 8.6, AI score 6.3, EPSS 0.00246
Exploits: 2, References: 2
Snyk, added 2026/05/06 10:08 p.m., 12 views

Server-side Request Forgery (SSRF)

Overview: praisonaiagents provides Praison AI agents for completing complex tasks with Self Reflection Agents. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) due to the validateurl function's use of urlparse, which treats \ as a regular character when extracting the host...

CVSS 9.8, AI score 5.8, EPSS 0.00378
Exploits: 1, References: 2
Snyk, added 2026/05/06 9:59 p.m., 7 views

Authorization Bypass Through User-Controlled Key

Overview: Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the GET /api/v1/stable/dags/tasks endpoint via improper tenant checks in the listTasksByDAGIds function. An attacker can access sensitive task metadata belonging to other tenants by...

CVSS 6.5, AI score 5.8, EPSS 0.00181
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:58 p.m., 7 views

Arbitrary Code Injection

Overview: GitPython is a Python library used to interact with Git repositories. Affected versions of this package are vulnerable to Arbitrary Code Injection via the setvalue function. An attacker can achieve arbitrary code execution by injecting newline characters into configuration values, which...

CVSS 8.5, AI score 6.4, EPSS 0.00237
Exploits: 1, References: 2
Snyk, added 2026/05/06 9:56 p.m., 7 views

Allocation of Resources Without Limits or Throttling

Overview: python-multipart is a streaming multipart parser for Python. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when parsing multipart headers in MultipartParser, which can hang without failing in the following states:...

CVSS 8.7, AI score 5.8, EPSS 0.0042
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:52 p.m., 6 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the gRPC management server. An attacker can access sensitive BGP configuration and manipulate routing decisions by sending unauthorized gRPC requests from any pod within the cluster. This...

CVSS 6.3, AI score 5.9
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:52 p.m., 4 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the gRPC management server. An attacker can access sensitive BGP configuration and manipulate routing decisions by sending unauthorized gRPC requests from any pod within the cluster. This...

CVSS 6.3, AI score 5.9
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:52 p.m., 8 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the gRPC management server. An attacker can access sensitive BGP configuration and manipulate routing decisions by sending unauthorized gRPC requests from any pod within the cluster. This...

CVSS 6.3, AI score 5.9
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:52 p.m., 5 views

Missing Authentication for Critical Function

Overview: Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the gRPC management server. An attacker can access sensitive BGP configuration and manipulate routing decisions by sending unauthorized gRPC requests from any pod within the cluster. This...

CVSS 6.3, AI score 5.9
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:45 p.m., 8 views

Incorrect Type Conversion or Cast

Overview: vllm is a high-throughput and memory-efficient inference and serving engine for LLMs. Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast through the extracthiddenstates speculative decoding. An attacker can cause the server to crash and disrupt servic...

CVSS 6.5, AI score 5.8, EPSS 0.00367
Exploits: 0, References: 3
Snyk, added 2026/05/06 9:45 p.m., 12 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal in the gettemplate function on Windows systems due to improper normalization of backslash characters in URIs. An attacker can access and read files outside the intended template directory by supplying specially craft...

CVSS 8.7, AI score 6.3, EPSS 0.00609
Exploits: 1, References: 2
Snyk, added 2026/05/06 9:43 p.m., 11 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/notebook (JupyterLab - Notebook). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitrary commands, including code...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 7 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/rendermime-interfaces (JupyterLab - Interfaces for Mime Renderers). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 10 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/apputils-extension (JupyterLab - Application Utilities Extension). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 10 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/notebook-extension (JupyterLab - Notebook Extension). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitrary...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 9 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/apputils (JupyterLab - Application Utilities). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitrary commands,...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 10 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/markdownviewer-extension (JupyterLab - Markdown Renderer Extension). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 8 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/rendermime-extension is a rendermime extension for JupyterLab. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitra...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 7 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/rendermime (JupyterLab - RenderMime). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitrary commands, including co...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:43 p.m., 7 views

Cross-site Scripting (XSS)

Overview: @jupyterlab/help-extension (JupyterLab - Help Extension). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the handling of data-commandlinker-command and data-commandlinker-args attributes in HTML content. An attacker can execute arbitrary commands,...

CVSS 9.3, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:39 p.m., 9 views

Information Exposure

Overview: Affected versions of this package are vulnerable to Information Exposure in the Engine::error function. An attacker can obtain sensitive information, such as absolute filesystem paths, secrets embedded in exception messages, and internal module structure, by triggering an uncaught...

CVSS 8.7, AI score 5.8, EPSS 0.00335
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:38 p.m., 13 views

Interpretation Conflict

Overview: Affected versions of this package are vulnerable to Interpretation Conflict via the getMethod function. An attacker can perform unauthorized actions by sending crafted HTTP requests that override the intended HTTP method, potentially bypassing middleware restrictions and escalating...

CVSS 8.7, AI score 5.8, EPSS 0.0031
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:35 p.m., 10 views

SQL Injection

Overview: Affected versions of this package are vulnerable to SQL Injection via the SimplePdo::insert, SimplePdo::update, and SimplePdo::delete functions. An attacker can execute arbitrary SQL commands by supplying crafted array keys or table names that are directly concatenated into SQL statement...

CVSS 8.8, AI score 6.1, EPSS 0.00396
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:34 p.m., 10 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the make:controller process. An attacker can create arbitrary directories outside the intended project root by supplying crafted input containing directory traversal sequences. Details: A Directory Traversal attac...

CVSS 4.8, AI score 6.3, EPSS 0.00154
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:34 p.m., 13 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the Flight::jsonp process. An attacker can execute arbitrary JavaScript in the context of the response origin by supplying a crafted jsonp query parameter, which is concatenated directly into the JavaScript...

CVSS 9.3, AI score 5.8, EPSS 0.00341
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:24 p.m., 7 views

Improper Handling of Exceptional Conditions

Overview: granian is a Rust HTTP server for Python applications. Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions through the WSGI response conversion process. An attacker can cause the worker process to abort by supplying or influencing invalid HTT...

CVSS 8.2, AI score 5.8, EPSS 0.00222
Exploits: 0, References: 3
Snyk, added 2026/05/06 9:21 p.m., 9 views

Directory Traversal

Overview: org.openmrs.web:openmrs-web is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system (EMR). Affected versions of this package are vulnerable to Directory Traversal via the WebModuleUtil.startModule function in POST...

CVSS 9.4, AI score 6.4, EPSS 0.00853
Exploits: 1, References: 2
Snyk, added 2026/05/06 9:20 p.m., 8 views

Missing Authorization

Overview: openclaw (🦞 OpenClaw — Personal AI Assistant). Affected versions of this package are vulnerable to Missing Authorization via the browser interaction routes. An attacker can access arbitrary files by bypassing navigation guards and leveraging browser act/evaluate interactions to pivot...

CVSS 7.1, AI score 5.9, EPSS 0.00253
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:20 p.m., 7 views

Uncaught Exception

Overview: granian is a Rust HTTP server for Python applications. Affected versions of this package are vulnerable to Uncaught Exception via the Sec-WebSocket-Protocol header processing in the WebSocket upgrade request path. An attacker can cause a worker process to terminate unexpectedly by...

CVSS 8.7, AI score 5.8, EPSS 0.00324
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:19 p.m., 8 views

Missing Authorization

Overview: openclaw (🦞 OpenClaw — Personal AI Assistant). Affected versions of this package are vulnerable to Missing Authorization via incomplete enforcement of navigation guard policies in browser interactions. An attacker can trigger unauthorized navigation by leveraging browser press/type sty...

CVSS 7.7, AI score 5.8, EPSS 0.00264
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:19 p.m., 11 views

Permissive List of Allowed Inputs

Overview: openclaw (🦞 OpenClaw — Personal AI Assistant). Affected versions of this package are vulnerable to Permissive List of Allowed Inputs via the memoryget function. An attacker can access arbitrary Markdown files within the workspace root by supplying crafted paths, thereby bypassing...

CVSS 4.3, AI score 5.9, EPSS 0.00226
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:19 p.m., 12 views

Arbitrary File Upload

Overview: getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Arbitrary File Upload via the blueprint-upload process. An attacker can gain full administrative access by uploading a crafted YAML file to th...

CVSS 8.8, AI score 5.9, EPSS 0.00336
Exploits: 1, References: 3
Snyk, added 2026/05/06 9:19 p.m., 12 views

Incorrect Authorization

Overview: @openclaw/matrix is an OpenClaw Matrix channel plugin. Affected versions of this package are vulnerable to Incorrect Authorization via the DM pairing-store process. An attacker can gain unauthorized access to privileged room control commands by leveraging DM-paired sender IDs to bypass...

CVSS 8.8, AI score 5.8, EPSS 0.00288
Exploits: 0, References: 2
Snyk, added 2026/05/06 9:19 p.m., 12 views

Incorrect Authorization

Overview: openclaw (🦞 OpenClaw — Personal AI Assistant). Affected versions of this package are vulnerable to Incorrect Authorization via the DM pairing-store process. An attacker can gain unauthorized access to privileged room control commands by leveraging DM-paired sender IDs to bypass...

CVSS 8.8, AI score 5.8, EPSS 0.00288
Exploits: 0, References: 2

Total number of security vulnerabilities: 31960