Skip to main content
CVE-2023-22461 MEDIUM POC PATCH This Month

The `sanitize-svg` package, a small SVG sanitizer to prevent cross-site scripting attacks, uses a deny-list-pattern to sanitize SVGs to prevent XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sanitize Svg
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2023-22464 MEDIUM POC This Month

ViewVC is a browser interface for CVS and Subversion version control repositories. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Viewvc
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-0055 MEDIUM POC PATCH This Month

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Pyload
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-22465 MEDIUM POC PATCH This Month

Http4s is a Scala interface for HTTP services. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Http4S
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2023-22466 MEDIUM PATCH This Month

Tokio is a runtime for writing applications with Rust. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Tokio
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy