108 matches found
CVE-2022-39218 Random number seed fixed during compilation
The JS Compute Runtime for Fastly's Compute@Edge platform provides the environment JavaScript is executed in when using the Compute@Edge JavaScript SDK. In versions prior to 0.5.3, the Math.random and crypto.getRandomValues methods fail to use sufficiently random values. The initial value to seed...
nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
Most of the fixes will be in this repo, though, so having it here gives us the private fork to work on patches Below is currently a duplicate of the original report: ---- Received on [email protected] unedited, I'm not sure if we want to make it separate advisories. Pasted raw for now, feel fr...
Malicious code in fastly-realtime-stats-prod (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 69eac7a2e83ec3170454072cd78940a80689a9f2708167da078fb45c179996c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2969 Malicious code in fastly-realtime-stats-prod (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 69eac7a2e83ec3170454072cd78940a80689a9f2708167da078fb45c179996c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-VPQ9-C67Q-23FQ Fastly Magento2 sensitive information disclosure
The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses...
Fastly Magento2 sensitive information disclosure
The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
This is a proof-of-concept exploit for Log4j RCE Unauthenticated...
How an Obscure Company Took Down Big Chunks of the Internet
You may not have heard of Fastly, but you felt its impact when sites didn’t load around the world Tuesday morning...
InnoGames: Cache Poisoning via uppercase letters in invalid path
Summary of the issue Cache poisoning vulnerability appears in the request to innogames.com. The issue arises when language path parameter from the url gets processed on the backend to become lowercase. Then if a path provided in X-Forwarded-Host does not exist on the server, 301 response is...
Cloud Lookup (and Bypass)
This module can be useful if you need to test the security of your server and your website behind a solution Cloud based. By discovering the origin IP address of the targeted host. More precisely, this module uses multiple data sources in order ViewDNS.info, DNS enumeration and Censys to collect...
Takeover v0.2 - Sub-Domain TakeOver Vulnerability Scanner
Sub-domain takeover vulnerability occur when a sub-domain subdomain.example.com is pointing to a service e.g: GitHub , AWS/S3 ,.. that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if...
New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites
A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue could affect...
GitLab: Domain Takeover - gl-canary.freetls.fastly.net
The domain gl-canary.freetls.fastly.net was whitelisted in Gitlab's Content Security Policy, allowing an attacker to bypass the CSP and execute malicious client-side code. This domain could be controlled from any Fastly account, potentially impacting other areas of Gitlab's application...
lifedaily.com.global.prod.fastly.net XSS vulnerability
Open Bug Bounty ID: OBB-624356 Description| Value ---|--- Affected Website:| lifedaily.com.global.prod.fastly.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...
Node.js: registry.nodejs.org Subdomain Takeover
I recently found an abandoned and/or overlooked nodejs.org subdomain that was indirectly pointing to Fastly. Fastly doesn't require any proof of DNS ownership to register new distributions that use a given domain, so I was able to effectively take it over. Vulnerability: Subdomain Takeover via...
subjack - Hostile Subdomain Takeover tool written in Go
subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule...
Authentication flaw
The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses...
CVE-2017-13761
The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses...
CVE-2017-13761
The Fastly CDN module before 1.2.26 for Magento2, when used with a third-party authentication plugin, might allow remote authenticated users to obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses...
CVE-2017-13761
The CVE-2017-13761 issue affects the Fastly CDN module for Magento 2 prior to 1.2.26. When this module is used with a third-party authentication plugin, remote authenticated users may obtain sensitive information from authenticated sessions via vectors involving caching of redirect responses. Aff...