### Impact An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. ### Patch ...
Continue Reading23 августа, 2023
### Impact An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. ### Patch ...
Continue Reading23 августа, 2023
org.apache.ivy:ivy is vulnerable to XML Injection. The vulnerability exists due to improper external DTD XML restrictions. An attacker is able to exploit this vulnerability by parsing a specially craf ...
Continue Reading23 августа, 2023
org.apache.nifi:nifi-dbcp-base is vulnerable to Insufficient URL Validation. The vulnerability allows an authenticated attacker with relevant privileges to bypass connection URL validation using custo ...
Continue Reading23 августа, 2023
Back to Main