VYPR

apk package

chainguard/opensearch-dashboards-2-fips-dashboards-reporting

pkg:apk/chainguard/opensearch-dashboards-2-fips-dashboards-reporting

Vulnerabilities (63)

  • CVE-2023-45857MedNov 8, 2023
    affected < 2.13.0-r0fixed 2.13.0-r0

    An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.

  • CVE-2023-28155MedMar 16, 2023
    affected < 2.19.1-r0fixed 2.19.1-r0

    The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintaine

  • CVE-2020-36604HigSep 23, 2022
    affected < 2.13.0-r0fixed 2.13.0-r0

    hoek before 8.5.1 and 9.x before 9.0.3 allows prototype poisoning in the clone function.

Page 4 of 4