Comparison Overview
Carrefour Global Sourcing

Carrefour Global Sourcing
Shanghai Mart, 9/F, Room A71, 2299 Yan'An West Road, Shanghai, Changning District, CN, 200336
Last Update: 26/03/2026
With over 320,000 employees spanning 30 countries, Carrefour team is united by our shared passion for delivering exceptional products and services to our global customer base. We register an impressive 11 million daily check-out transactions and generate $80 billion in ...

ALS
25 King St, Bowen Hills, Queensland, AU, 4006
Last Update: 03/04/2026
A global leader in testing, ALS provides comprehensive testing solutions to clients in a wide range of industries around the world. Using state-of-the-art technologies and innovative methodologies, our dedicated international teams deliver highest-quality testing servic...
Compliance Ranges Comparison

Carrefour Global Sourcing







ALS






Benchmark & Cyber Underwriting Signals
Incidents vs International Trade and Development Industry Avg (This Year)
No incidents recorded for Carrefour Global Sourcing in 2026.
Incidents vs International Trade and Development Industry Avg (This Year)
No incidents recorded for ALS in 2026.
Incident History - Carrefour Global Sourcing (X = Date, Y = Severity)
Carrefour Global Sourcing cyber incidents detection timeline including parent company and subsidiaries.
Incident History - ALS (X = Date, Y = Severity)
ALS cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents

Carrefour Global Sourcing

ALS
FAQ
Latest Global CVEs
Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pods when performing Kustomize bakes. This issue is fixed in versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4.
- https://github.com/spinnaker/spinnaker/commit/2d75818b85cc4c35144d5e5ed45e7340fcab5dfe
- https://github.com/spinnaker/spinnaker/commit/bbc30c9b9034a056e95f012fa1b34e9fd703cae7
- https://github.com/spinnaker/spinnaker/commit/de5a7a05af35aee19eb71d289cd0b77f67509009
- https://github.com/spinnaker/spinnaker/commit/df32d568e82519d9f3896fc9007baba0077c87fd
- https://github.com/spinnaker/spinnaker/commit/f5cec213f8cf207843ed5a6929395960a1ca094f
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2025.3.4
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2025.4.4
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.0.3
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.1.1
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.2.0
- https://github.com/spinnaker/spinnaker/security/advisories/GHSA-p68j-q7hf-3qcp
Multiple connections to the backend using the same charging station ID are allowed, which could allow an attacker to deploy multiple instances of malicious OCPP clients to overwhelm the backend.
Previously, there was no throttling on repeated authentication attempts to the charging station backend, which could allow an attacker to execute a denial-of-service attack.
The charging station websocket endpoint accepts connections without proper authentication, which could lead to privilege escalation.
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions: *.*.