-
Notifications
You must be signed in to change notification settings - Fork 40
v2.8.0 Security vulnerability report libraries
System bot edited this page Jul 16, 2024
·
123 revisions
| SUBSCRIPTIONID | RESOURCEGROUP | VULNID | IDENTIFICATIONDATE | CATEGORY | CVE | CVSS | SEVERITY | DISPLAYNAME | RESOURCEID | RESOURCEID_SINGLE | AKTIV | HOST | OSDETAILS |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | frontend-v2.8.0 | frontend-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | api-v2.8.0 | api-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | blockchain-v2.8.0 | blockchain-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | provisioning-v2.8.0 | provisioning-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | e2e-test-v2.8.0 | e2e-test-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | excel-export-service-v2.8.0 | excel-export-service-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | email-notification-service-v2.8.0 | email-notification-service-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | storage-service-v2.8.0 | storage-service-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-28849 | 2024-03-14T17:15:52.097Z | npm audit | CVE-2024-28849 | MEDIUM | follow-redirects: Possible credential leak | migration-v2.8.0 | migration-v2.8.0 | Yes | package: follow-redirects, status: fixed, fixedVersion: 1.15.6 | ||
| - | - | CVE-2024-37168 | 2024-06-10T22:15:12.433Z | npm audit | CVE-2024-37168 | MEDIUM | grps-js: allocate memory for incoming messages well above configured limits | api-v2.8.0 | api-v2.8.0 | Yes | package: @grpc/grpc-js, status: fixed, fixedVersion: 1.10.9, 1.9.15, 1.8.22 | ||
| - | - | CVE-2024-21501 | 2024-02-24T05:15:44.31Z | npm audit | CVE-2024-21501 | MEDIUM | sanitize-html: Information Exposure when used on the backend | api-v2.8.0 | api-v2.8.0 | Yes | package: sanitize-html, status: fixed, fixedVersion: 2.12.1 | ||
| - | - | CVE-2024-29041 | 2024-03-25T21:15:46.847Z | npm audit | CVE-2024-29041 | MEDIUM | express: cause malformed URLs to be evaluated | blockchain-v2.8.0 | blockchain-v2.8.0 | Yes | package: express, status: fixed, fixedVersion: 4.19.2, 5.0.0-beta.3 | ||
| - | - | CVE-2024-29041 | 2024-03-25T21:15:46.847Z | npm audit | CVE-2024-29041 | MEDIUM | express: cause malformed URLs to be evaluated | excel-export-service-v2.8.0 | excel-export-service-v2.8.0 | Yes | package: express, status: fixed, fixedVersion: 4.19.2, 5.0.0-beta.3 | ||
| - | - | CVE-2024-29041 | 2024-03-25T21:15:46.847Z | npm audit | CVE-2024-29041 | MEDIUM | express: cause malformed URLs to be evaluated | email-notification-service-v2.8.0 | email-notification-service-v2.8.0 | Yes | package: express, status: fixed, fixedVersion: 4.19.2, 5.0.0-beta.3 | ||
| - | - | CVE-2024-29041 | 2024-03-25T21:15:46.847Z | npm audit | CVE-2024-29041 | MEDIUM | express: cause malformed URLs to be evaluated | storage-service-v2.8.0 | storage-service-v2.8.0 | Yes | package: express, status: fixed, fixedVersion: 4.19.2, 5.0.0-beta.3 | ||
| - | - | CVE-2024-28176 | 2024-03-09T01:15:07.147Z | npm audit | CVE-2024-28176 | MEDIUM | jose: resource exhaustion | blockchain-v2.8.0 | blockchain-v2.8.0 | Yes | package: jose, status: fixed, fixedVersion: 4.15.5, 2.0.7 | ||
| - | - | CVE-2024-28863 | 2024-03-21T23:15:10.91Z | npm audit | CVE-2024-28863 | MEDIUM | node-tar: denial of service while parsing a tar file due to lack of folders depth validation | blockchain-v2.8.0 | blockchain-v2.8.0 | Yes | package: tar, status: fixed, fixedVersion: 6.2.1 | ||
| - | - | CVE-2024-37890 | 2024-06-17T20:15:13.203Z | npm audit | CVE-2024-37890 | HIGH | nodejs-ws: denial of service when handling a request with many HTTP headers | blockchain-v2.8.0 | blockchain-v2.8.0 | Yes | package: ws, status: fixed, fixedVersion: 5.2.4, 6.2.3, 7.5.10, 8.17.1 |
Last scan date: 2024-7-16 6:26:30