Edoardo Ottavianelli

- https://docs.deps.dev/api/v3alpha/index.html#getsimilarlynamedpackages

- https://docs.deps.dev/api/v3alpha/index.html#getversionbatch - https://docs.deps.dev/api/v3alpha/index.html#getprojectbatch

Add support for v3

1

At the moment v3alpha is supported. Add the choice of using v3 or v3alpha (go package). - [ ] #66 - [x] #67 - [ ] #68 - [ ]...

Add test for standard queries per doc e.g. https://docs.deps.dev/api/v3/#getpackage

Add CVE-2024-32651

3

### Template / PR Information - Added CVE-2024-32651 - References: - https://nvd.nist.gov/vuln/detail/CVE-2024-32651 - https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-4r7v-whpg-8rx3 ### Template Validation I've validated this template locally? - [x] YES - [ ] NO ####...

Boggart now supports only `raw` input type, this means that it reads the honeypot configuration from the `config.yaml` file. This feature should allow boggart to read the YAML config file...

[Security] Remote command execution

6

Using the API `/api/common/ping` it's possible to achieve remote command execution on the host machine. This leads to complete control over the machine hosting the server. To reproduce the vulnerability:...

Tested version: latest Steps to reproduce the vulnerability: - Login in the application. - Click on Channels. - Click on Add a new channel. - Fill all the possible fields...