Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Postman Security Vulnerabilities

cve
cve

CVE-2018-17215

An information-disclosure issue was discovered in Postman through 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. Thus, all contained informat...

8.1CVSS

7.7AI Score

0.002EPSS

2018-09-26 09:29 PM
26
cve
cve

CVE-2024-23738

An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor states "we dispute the report's accuracy ... the configuration does not enable remote code execution.."

9.8CVSS

9.5AI Score

0.003EPSS

2024-01-28 01:15 AM
122