-
Notifications
You must be signed in to change notification settings - Fork 41
v2.14.0 Security vulnerability report libraries
System bot edited this page Nov 17, 2024
·
39 revisions
| SUBSCRIPTIONID | RESOURCEGROUP | VULNID | IDENTIFICATIONDATE | CATEGORY | CVE | CVSS | SEVERITY | DISPLAYNAME | RESOURCEID | RESOURCEID_SINGLE | AKTIV | HOST | OSDETAILS |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | frontend-v2.14.0 | frontend-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | api-v2.14.0 | api-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | provisioning-v2.14.0 | provisioning-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | e2e-test-v2.14.0 | e2e-test-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | excel-export-service-v2.14.0 | excel-export-service-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | storage-service-v2.14.0 | storage-service-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-39338 | 2024-08-12T13:38:24.487Z | npm audit | CVE-2024-39338 | HIGH | axios: axios: Server-Side Request Forgery | migration-v2.14.0 | migration-v2.14.0 | Yes | package: axios, status: fixed, fixedVersion: 1.7.4 | ||
| - | - | CVE-2024-47764 | 2024-10-04T20:15:07.31Z | npm audit | CVE-2024-47764 | LOW | cookie: cookie accepts cookie name, path, and domain with out of bounds characters | api-v2.14.0 | api-v2.14.0 | Yes | package: cookie, status: fixed, fixedVersion: 0.7.0 | ||
| - | - | CVE-2024-47764 | 2024-10-04T20:15:07.31Z | npm audit | CVE-2024-47764 | LOW | cookie: cookie accepts cookie name, path, and domain with out of bounds characters | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: cookie, status: fixed, fixedVersion: 0.7.0 | ||
| - | - | CVE-2024-47764 | 2024-10-04T20:15:07.31Z | npm audit | CVE-2024-47764 | LOW | cookie: cookie accepts cookie name, path, and domain with out of bounds characters | provisioning-v2.14.0 | provisioning-v2.14.0 | Yes | package: cookie, status: fixed, fixedVersion: 0.7.0 | ||
| - | - | CVE-2024-47764 | 2024-10-04T20:15:07.31Z | npm audit | CVE-2024-47764 | LOW | cookie: cookie accepts cookie name, path, and domain with out of bounds characters | excel-export-service-v2.14.0 | excel-export-service-v2.14.0 | Yes | package: cookie, status: fixed, fixedVersion: 0.7.0 | ||
| - | - | CVE-2024-47764 | 2024-10-04T20:15:07.31Z | npm audit | CVE-2024-47764 | LOW | cookie: cookie accepts cookie name, path, and domain with out of bounds characters | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: cookie, status: fixed, fixedVersion: 0.7.0 | ||
| - | - | CVE-2024-47764 | 2024-10-04T20:15:07.31Z | npm audit | CVE-2024-47764 | LOW | cookie: cookie accepts cookie name, path, and domain with out of bounds characters | storage-service-v2.14.0 | storage-service-v2.14.0 | Yes | package: cookie, status: fixed, fixedVersion: 0.7.0 | ||
| - | - | CVE-2024-47764 | 2024-10-04T20:15:07.31Z | npm audit | CVE-2024-47764 | LOW | cookie: cookie accepts cookie name, path, and domain with out of bounds characters | frontend-collector-v2.14.0 | frontend-collector-v2.14.0 | Yes | package: cookie, status: fixed, fixedVersion: 0.7.0 | ||
| - | - | CVE-2024-21538 | 2024-11-08T05:15:06.453Z | npm audit | CVE-2024-21538 | HIGH | Regular Expression Denial of Service (ReDoS) in cross-spawn | api-v2.14.0 | api-v2.14.0 | Yes | package: cross-spawn, status: fixed, fixedVersion: 7.0.5 | ||
| - | - | CVE-2024-21538 | 2024-11-08T05:15:06.453Z | npm audit | CVE-2024-21538 | HIGH | Regular Expression Denial of Service (ReDoS) in cross-spawn | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: cross-spawn, status: fixed, fixedVersion: 7.0.5 | ||
| - | - | CVE-2024-21538 | 2024-11-08T05:15:06.453Z | npm audit | CVE-2024-21538 | HIGH | Regular Expression Denial of Service (ReDoS) in cross-spawn | migration-v2.14.0 | migration-v2.14.0 | Yes | package: cross-spawn, status: fixed, fixedVersion: 7.0.5 | ||
| - | - | CVE-2024-45813 | 2024-09-18T17:15:19.163Z | npm audit | CVE-2024-45813 | HIGH | find-my-way: ReDoS vulnerability in multiparametric routes | api-v2.14.0 | api-v2.14.0 | Yes | package: find-my-way, status: fixed, fixedVersion: 8.2.2, 9.0.1 | ||
| - | - | CVE-2024-45813 | 2024-09-18T17:15:19.163Z | npm audit | CVE-2024-45813 | HIGH | find-my-way: ReDoS vulnerability in multiparametric routes | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: find-my-way, status: fixed, fixedVersion: 8.2.2, 9.0.1 | ||
| - | - | CVE-2024-45813 | 2024-09-18T17:15:19.163Z | npm audit | CVE-2024-45813 | HIGH | find-my-way: ReDoS vulnerability in multiparametric routes | provisioning-v2.14.0 | provisioning-v2.14.0 | Yes | package: find-my-way, status: fixed, fixedVersion: 8.2.2, 9.0.1 | ||
| - | - | CVE-2024-45813 | 2024-09-18T17:15:19.163Z | npm audit | CVE-2024-45813 | HIGH | find-my-way: ReDoS vulnerability in multiparametric routes | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: find-my-way, status: fixed, fixedVersion: 8.2.2, 9.0.1 | ||
| - | - | CVE-2024-45813 | 2024-09-18T17:15:19.163Z | npm audit | CVE-2024-45813 | HIGH | find-my-way: ReDoS vulnerability in multiparametric routes | frontend-collector-v2.14.0 | frontend-collector-v2.14.0 | Yes | package: find-my-way, status: fixed, fixedVersion: 8.2.2, 9.0.1 | ||
| - | - | CVE-2024-45590 | 2024-09-10T16:15:21.083Z | npm audit | CVE-2024-45590 | HIGH | body-parser: Denial of Service Vulnerability in body-parser | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: body-parser, status: fixed, fixedVersion: 1.20.3 | ||
| - | - | CVE-2024-45590 | 2024-09-10T16:15:21.083Z | npm audit | CVE-2024-45590 | HIGH | body-parser: Denial of Service Vulnerability in body-parser | excel-export-service-v2.14.0 | excel-export-service-v2.14.0 | Yes | package: body-parser, status: fixed, fixedVersion: 1.20.3 | ||
| - | - | CVE-2024-45590 | 2024-09-10T16:15:21.083Z | npm audit | CVE-2024-45590 | HIGH | body-parser: Denial of Service Vulnerability in body-parser | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: body-parser, status: fixed, fixedVersion: 1.20.3 | ||
| - | - | CVE-2024-45590 | 2024-09-10T16:15:21.083Z | npm audit | CVE-2024-45590 | HIGH | body-parser: Denial of Service Vulnerability in body-parser | storage-service-v2.14.0 | storage-service-v2.14.0 | Yes | package: body-parser, status: fixed, fixedVersion: 1.20.3 | ||
| - | - | CVE-2024-43796 | 2024-09-10T15:15:17.51Z | npm audit | CVE-2024-43796 | MEDIUM | express: Improper Input Handling in Express Redirects | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: express, status: fixed, fixedVersion: 4.20.0, 5.0.0 | ||
| - | - | CVE-2024-43796 | 2024-09-10T15:15:17.51Z | npm audit | CVE-2024-43796 | MEDIUM | express: Improper Input Handling in Express Redirects | excel-export-service-v2.14.0 | excel-export-service-v2.14.0 | Yes | package: express, status: fixed, fixedVersion: 4.20.0, 5.0.0 | ||
| - | - | CVE-2024-43796 | 2024-09-10T15:15:17.51Z | npm audit | CVE-2024-43796 | MEDIUM | express: Improper Input Handling in Express Redirects | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: express, status: fixed, fixedVersion: 4.20.0, 5.0.0 | ||
| - | - | CVE-2024-43796 | 2024-09-10T15:15:17.51Z | npm audit | CVE-2024-43796 | MEDIUM | express: Improper Input Handling in Express Redirects | storage-service-v2.14.0 | storage-service-v2.14.0 | Yes | package: express, status: fixed, fixedVersion: 4.20.0, 5.0.0 | ||
| - | - | CVE-2024-21534 | 2024-10-11T13:15:15.667Z | npm audit | CVE-2024-21534 | CRITICAL | jsonpath-plus: Remote Code Execution in jsonpath-plus via Improper Input Sanitization | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: jsonpath-plus, status: fixed, fixedVersion: 10.0.7 | ||
| - | - | CVE-2024-45296 | 2024-09-09T19:15:13.33Z | npm audit | CVE-2024-45296 | HIGH | path-to-regexp: Backtracking regular expressions cause ReDoS | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 | ||
| - | - | CVE-2024-45296 | 2024-09-09T19:15:13.33Z | npm audit | CVE-2024-45296 | HIGH | path-to-regexp: Backtracking regular expressions cause ReDoS | excel-export-service-v2.14.0 | excel-export-service-v2.14.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 | ||
| - | - | CVE-2024-45296 | 2024-09-09T19:15:13.33Z | npm audit | CVE-2024-45296 | HIGH | path-to-regexp: Backtracking regular expressions cause ReDoS | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 | ||
| - | - | CVE-2024-45296 | 2024-09-09T19:15:13.33Z | npm audit | CVE-2024-45296 | HIGH | path-to-regexp: Backtracking regular expressions cause ReDoS | storage-service-v2.14.0 | storage-service-v2.14.0 | Yes | package: path-to-regexp, status: fixed, fixedVersion: 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 | ||
| - | - | CVE-2024-43799 | 2024-09-10T15:15:17.727Z | npm audit | CVE-2024-43799 | MEDIUM | send: Code Execution Vulnerability in Send Library | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: send, status: fixed, fixedVersion: 0.19.0 | ||
| - | - | CVE-2024-43799 | 2024-09-10T15:15:17.727Z | npm audit | CVE-2024-43799 | MEDIUM | send: Code Execution Vulnerability in Send Library | excel-export-service-v2.14.0 | excel-export-service-v2.14.0 | Yes | package: send, status: fixed, fixedVersion: 0.19.0 | ||
| - | - | CVE-2024-43799 | 2024-09-10T15:15:17.727Z | npm audit | CVE-2024-43799 | MEDIUM | send: Code Execution Vulnerability in Send Library | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: send, status: fixed, fixedVersion: 0.19.0 | ||
| - | - | CVE-2024-43799 | 2024-09-10T15:15:17.727Z | npm audit | CVE-2024-43799 | MEDIUM | send: Code Execution Vulnerability in Send Library | storage-service-v2.14.0 | storage-service-v2.14.0 | Yes | package: send, status: fixed, fixedVersion: 0.19.0 | ||
| - | - | CVE-2024-43800 | 2024-09-10T15:15:17.937Z | npm audit | CVE-2024-43800 | MEDIUM | serve-static: Improper Sanitization in serve-static | blockchain-v2.14.0 | blockchain-v2.14.0 | Yes | package: serve-static, status: fixed, fixedVersion: 1.16.0, 2.1.0 | ||
| - | - | CVE-2024-43800 | 2024-09-10T15:15:17.937Z | npm audit | CVE-2024-43800 | MEDIUM | serve-static: Improper Sanitization in serve-static | excel-export-service-v2.14.0 | excel-export-service-v2.14.0 | Yes | package: serve-static, status: fixed, fixedVersion: 1.16.0, 2.1.0 | ||
| - | - | CVE-2024-43800 | 2024-09-10T15:15:17.937Z | npm audit | CVE-2024-43800 | MEDIUM | serve-static: Improper Sanitization in serve-static | email-notification-service-v2.14.0 | email-notification-service-v2.14.0 | Yes | package: serve-static, status: fixed, fixedVersion: 1.16.0, 2.1.0 | ||
| - | - | CVE-2024-43800 | 2024-09-10T15:15:17.937Z | npm audit | CVE-2024-43800 | MEDIUM | serve-static: Improper Sanitization in serve-static | storage-service-v2.14.0 | storage-service-v2.14.0 | Yes | package: serve-static, status: fixed, fixedVersion: 1.16.0, 2.1.0 |
Last scan date: 2024-11-17 6:29:35