MidnightBSD

Advisories for opensourcelabs

CVE-2024-37163

SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resources and Usage Costs. SkyScrape's API requests are currently unsecured HTTP requests, leading to potential vulnerabilities for the user's temporary credentials and data. This affects version 1.0.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security-advisories@github.com 6.4 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H 1.6 4.7

Products Affected

Vendor Product Version
opensourcelabs skyscraper 1.0.0
CVE-2025-70042

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in oslabs-beta ThermaKube master.

Products Affected

Vendor Product Version
opensourcelabs thermakube -