-
reference: https://github.com/protectai/ai-exploits/blob/main/bentoml/README.md
I think it is easy to exploit but I must find a solution to create a python pickle easily with java.
-
**The CVE ID**
CVE-2021-42384
**Describe the data quality issue observed**
When I searched this CVE ID from osv.dev, I got different result with NVD when echo system is GIT.
[Result of osv.dev]…
-
Currently we download the vulnerability data feeds from NIST
These data feeds are set to be removed in september 2023 (https://nvd.nist.gov/vuln/data-feeds)
The suggested fix is to move to query…
-
The test script currently does not really check whether any patch-level update that **targets** any critical CVEs is deployed in time.
Furthermore, the standard is a bit vague about whether this pa…
-
## CVE-2021-46877 - High Severity Vulnerability
Vulnerable Library - jackson-databind-2.10.2.jar
General data-binding functionality for Jackson: works on core streaming API
Library home page: http:/…
-
## CVE-2020-9547 - Critical Severity Vulnerability
Vulnerable Library - jackson-databind-2.9.9.1.jar
General data-binding functionality for Jackson: works on core streaming API
Library home page: ht…
-
Dear shiny-server maintainers,
I currently see this issue poping up during our [trivy scans](https://github.com/aquasecurity/trivy-action).
```
{
"id": "CVE-2024-4068",
"category": "container…
-
## CVE-2014-0114 - High Severity Vulnerability
Vulnerable Libraries - commons-beanutils-1.7.0.jar, struts-core-1.3.8.jar, commons-beanutils-core-1.7.0.jar
commons-beanutils-1.7.0.jar
Path to depe…
-
### Summary
- Total: 1300 (UNKNOWN: 9, LOW: 316, MEDIUM: 872, HIGH: 100, CRITICAL: 3)
- e.g. CVE-2023-6879
- e.g. CVE-2023-45853
### Details
1. sudo docker pull aquasec/trivy
2. sudo docker pu…
-
Hello,
We use a few external images in the project. The Aqua security scanner has flagged vulnerabilities due to the utilization of an Alpine version 3.18 and 3.18.6:
CVE-2023-43788 libxpm
CVE-…