Skip to main content

Pandora

3 CVEs product

Monthly

CVE-2023-22898 MEDIUM PATCH This Month

workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Pandora
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2018-13144 HIGH This Week

The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Pandora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2017-3194 HIGH This Week

Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Pandora
NVD
CVSS 3.0
8.1
EPSS
0.5%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Pandora
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Pandora
NVD GitHub
EPSS 0% CVSS 8.1
HIGH This Week

Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apple Information Disclosure Pandora
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy