
OSSF Malicious Packages
added 2024/11/23 12:37 a.m., 2 views

Malicious code in codeql-extractor-iac-action (npm)

Source: ghsa-malware a3f77f847f2c7d09571ef2516734c1d483d434e0980f32c21967900b8d28dd4c. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0, References: 1

OSV
added 2024/11/23 12:37 a.m., 4 views

MAL-2024-10883 Malicious code in codeql-extractor-iac-action (npm)

Source: ghsa-malware a3f77f847f2c7d09571ef2516734c1d483d434e0980f32c21967900b8d28dd4c. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7.2
Exploits: 0, References: 1

OSSF Malicious Packages
added 2024/11/22 11:43 p.m., 2 views

Malicious code in codeql-sarif-security-standard-annotator (npm)

Source: ghsa-malware daf28531c7b9ae5e115da81a3041d6e35bed2b6764cfabb14fdd1b11ff50a6fb. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0, References: 1

RubySec
added 2024/09/18 12:00 a.m., 19 views

Camaleon CMS vulnerable to arbitrary path traversal (GHSL-2024-183)

A path traversal vulnerability accessible via MediaController's downloadprivatefile method allows authenticated users to download any file on the web server Camaleon CMS is running on depending on the file permissions. In the downloadprivatefile method: ruby def downloadprivatefile...

CVSS 7.7, AI score 6.6, EPSS 0.44011
Exploits: 11, References: 1, Affected Software: 1

NVD
added 2024/09/02 6:15 p.m., 13 views

CVE-2024-45388

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVSS 7.5, EPSS 0.93631
Exploits: 3, References: 4

Vulnrichment
added 2024/09/02 4:07 p.m., 17 views

CVE-2024-45388 Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`)

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

CVSS 7.5, AI score 6.8, EPSS 0.93631
Exploits: 3, References: 4

CVE
added 2024/09/02 4:07 p.m., 107 views

CVE-2024-45388

Hoverfly (Git SpectoLabs) contains a path traversal vulnerability in the /api/v2/simulation POST handler that lets unauthenticated attackers read arbitrary files from the server by supplying a specially crafted bodyFile parameter (e.g., ../../../../etc/passwd). The implementation attempts to join...

CVSS 7.5, AI score 7.2, EPSS 0.93631
In wild, Exploits: 3, References: 4, Affected Software: 1

OSV
added 2024/08/09 6:24 p.m., 8 views

GHSA-PCWP-26PW-J98W CometVisu Backend for openHAB has a path traversal vulnerability

openHAB's CometVisuServlet is susceptible to an unauthenticated path traversal vulnerability. Local files on the server can be requested via HTTP GET on the CometVisuServlet. This vulnerability was discovered with the help of CodeQL's Uncontrolled data used in path expression query. Impact This...

CVSS 6.9, AI score 6.3, EPSS 0.01555
Exploits: 0, References: 5

Github Security Blog
added 2024/08/09 6:24 p.m., 10 views

CometVisu Backend for openHAB has a path traversal vulnerability

openHAB's CometVisuServlet is susceptible to an unauthenticated path traversal vulnerability. Local files on the server can be requested via HTTP GET on the CometVisuServlet. This vulnerability was discovered with the help of CodeQL's Uncontrolled data used in path expression query. Impact This...

CVSS 7.5, AI score 6.9, EPSS 0.01555
Exploits: 0, References: 5, Affected Software: 1

OSV
added 2024/08/09 6:24 p.m., 10 views

GHSA-F729-58X4-GQGF CometVisu Backend for openHAB affected by RCE through path traversal

CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal. This makes it possible for an attacker to overwrite existing files on the openHAB instance. If the overwritten file is a shell script that is...

CVSS 9.8, AI score 10, EPSS 0.13819
Exploits: 0, References: 4

Github Security Blog
added 2024/08/09 6:24 p.m., 14 views

CometVisu Backend for openHAB affected by RCE through path traversal

CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal. This makes it possible for an attacker to overwrite existing files on the openHAB instance. If the overwritten file is a shell script that is...

CVSS 9.8, AI score 8.5, EPSS 0.13819
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2024/08/09 6:21 p.m., 15 views

GHSA-V7GR-MQPJ-WWH3 CometVisu Backend for openHAB affected by SSRF/XSS

The proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forgery SSRF to induce GET HTTP requests to internal-only servers, in case openHAB is exposed in a non-private network. Furthermore, this proxy-featu...

CVSS 10, AI score 9.3, EPSS 0.01768
Exploits: 0, References: 5

Github Security Blog
added 2024/08/09 6:21 p.m., 22 views

CometVisu Backend for openHAB affected by SSRF/XSS

The proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forgery SSRF to induce GET HTTP requests to internal-only servers, in case openHAB is exposed in a non-private network. Furthermore, this proxy-featu...

CVSS 10, AI score 6.9, EPSS 0.01768
Exploits: 0, References: 5, Affected Software: 1

OSSF Malicious Packages
added 2024/06/25 1:19 p.m., 2 views

Malicious code in vscode-codeql (npm)

AI score 7
Exploits: 0

OSV
added 2024/06/25 1:19 p.m., 4 views

MAL-2024-3832 Malicious code in vscode-codeql (npm)

AI score 7.1
Exploits: 0

Github Security Blog
added 2024/04/24 5:06 p.m., 27 views

OpenMetadata vulnerable to a SpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` (`GHSL-2023-236`)

SpEL Injection in GET /api/v1/policies/validation/condition/ GHSL-2023-236 Please note, only authenticated users have access to PUT / POST APIS for /api/v1/policies. Non authenticated users will not be able to access these APIs to exploit the vulnerability. A user must exist in OpenMetadata and...

CVSS 8.8, AI score 8.9, EPSS 0.7862
Exploits: 0, References: 7, Affected Software: 1

The Hacker News
added 2024/03/21 10:30 a.m., 29 views

GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws

GitHub on Wednesday announced that it's making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort to avoid introducing new security issues. "Powered by GitHub Copilot and CodeQL, code scanning autofi...

AI score 7.3
Exploits: 0

NVD
added 2024/03/15 8:15 p.m., 21 views

CVE-2024-28848

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The CompiledRule::validateExpression method evaluates an SpEL expression using an StandardEvaluationContext, allowing the...

CVSS 8.8, AI score 9.4, EPSS 0.7862
Exploits: 0, References: 4

NVD
added 2024/03/15 8:15 p.m., 14 views

CVE-2024-28254

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The AlertUtil::validateExpression method evaluates an SpEL expression using getValue which by default uses the...

CVSS 8.8, AI score 9.4, EPSS 0.53942
Exploits: 3, References: 5

Vulnrichment
added 2024/03/15 7:55 p.m., 19 views

CVE-2024-28848 SpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` in OpenMetadata

OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The CompiledRule::validateExpression method evaluates an SpEL expression using an StandardEvaluationContext, allowing the...

CVSS 8.8, AI score 8.5, EPSS 0.7862
Exploits: 0, References: 4