CVE-2022-40194 An Unauthenticated SSI vulnerability in the WooCommerce plugin = 5.3.5.
An attacker can exploit the unauthenticated vulnerability to retrieve the customer’s email address and other personally identifiable information. Unauthenticated information disclosure vulnerabilities occur when
CVE-2022-39239 On-Demand image optimization for Netlify using ipx. Versions prior to 1.2.3 are vulnerable to brute force attacks that can bypass the source image domain allowlist.
If you are using custom domain mapping or a wildcard mapping, it may be necessary to clear the cache manually by regenerating the mapped subdirectory.
CVE-2022-40088 The vulnerable component was found to contain an XSS flaw, where users can inject malicious code.
An attacker can leverage this vulnerability to conduct XSS attacks against users of the site via client-side scripting languages such as JavaScript or Python. It
CVE-2022-1941 - Protocol Buffers Parsing Vulnerability Can Lead To Out-Of-Memory Denial of Service
Imagine your service starts crashing because of a single malicious message. That’s exactly what CVE-2022-1941 is about—a parsing bug in Google's
CVE-2022-3268 Weak Password Requirements in GitHub repository ikus060/minarca prior to 4.2.2.
In the previous version, you have to provide at least 6 characters, a mix of uppercase and lowercase letters, digits and symbols. In the latest
Episode
00:00:00
00:00:00