bref/bref Security Advisories for 0.2.26 (4)
-
[MEDIUM] Slow String Operations via MultiPart Requests in Event-Driven Functions
PKSA-zkhw-7f5b-zsz7 CVE-2024-29186 GHSA-j4hq-f63x-f39r
Affected version: <2.1.17
Reported by:
GitHub -
[LOW] Bref vulnerable to Body Parsing Inconsistency in Event-Driven Functions
PKSA-f29r-hw5p-d3rv CVE-2024-24754 GHSA-82vx-mm6r-gg8w
Affected version: <2.1.13
Reported by:
GitHub -
[MEDIUM] Bref Doesn't Support Multiple Value Headers in ApiGatewayFormatV2
PKSA-2gyh-rhqm-nrbw CVE-2024-24753 GHSA-99f9-gv72-fw9r
Affected version: <2.1.13
Reported by:
GitHub -
[MEDIUM] Bref's Uploaded Files Not Deleted in Event-Driven Functions
PKSA-1ccj-839k-k5jx CVE-2024-24752 GHSA-x4hh-frx8-98r5
Affected version: <2.1.13
Reported by:
GitHub