Lucene search
K

154 matches found

Cvelist
Cvelist
added 2023/05/18 9:24 p.m.51 views

CVE-2023-24832

A null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to crash an Hermes runtime where the EnableHermesInternal config option was set to true. Note that this is only exploitable in cases where Hermes is used to execut...

7.8AI score0.00723EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/18 9:19 p.m.54 views

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

9.9AI score0.00891EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/18 9:19 p.m.12 views

CVE-2023-23557

An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...

8AI score0.00891EPSS
Exploits0References2
Prion
Prion
added 2023/04/04 8:15 p.m.19 views

Cross site request forgery (csrf)

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, Envoy does not sanitize or escape request properties when generating request headers. This can lead to characters that are illegal in header values ...

6.4CVSS9.3AI score0.00507EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/04/04 7:48 p.m.20 views

CVE-2023-27496 Envoy may crash when a redirect url without a state param is received in the oauth filter

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a state query param is present on any response that looks like an OAuth redirect response. Sending it a request with t...

6.5CVSS6.7AI score0.00758EPSS
Exploits1References3
Prion
Prion
added 2023/04/04 7:15 p.m.21 views

Security feature bypass

Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed request...

6.4CVSS9AI score0.00869EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2023/04/04 6:34 p.m.165 views

CVE-2023-27492

CVE-2023-27492 describes a denial-of-service in Envoy’s Lua filter prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, triggered by large request bodies on routes with Lua enabled. The issue arises from the Lua coroutine being invoked even when the filter has been reset, leading to cras...

6.5CVSS6.6AI score0.00686EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/04/04 6:34 p.m.17 views

CVE-2023-27492 Envoy may crash when a large request body is processed in Lua filter

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the Lua filter is vulnerable to denial of service. Attackers can send large request bodies for routes that have Lua filter enabled and trigger...

4.8CVSS5.7AI score0.00686EPSS
Exploits1References3
CVE
CVE
added 2023/04/04 6:18 p.m.158 views

CVE-2023-27491

CVE-2023-27491 affects Envoy: a non-compliant HTTP/1 service may allow malformed requests to bypass security policies. The BIT-ENVOY-2023-27491 entry documents that this vulnerability can be triggered in pre‑fix releases and that the issue is fixed in Envoy versions 1.26.0, 1.25.3, 1.24.4, 1.23.6...

9.1CVSS6.9AI score0.00869EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/04/04 5:57 p.m.16 views

CVE-2023-27488 Envoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received.

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when failuremodeallow: true is configured for extauthz filter. For affected components that are used for loggin...

5.4CVSS9.1AI score0.00731EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/02/08 6:41 p.m.11 views

google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper authorization

PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized...

9.1CVSS5.9AI score0.01587EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2023/01/25 8:48 p.m.56 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.5.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9CVSS7.3AI score0.00879EPSS
Exploits0References3
NVD
NVD
added 2023/01/09 2:15 p.m.31 views

CVE-2022-23509

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps...

7.3CVSS7.3AI score0.00239EPSS
Exploits0References3
CVE
CVE
added 2023/01/09 1:1 p.m.70 views

CVE-2022-23509

CVE-2022-23509 concerns insecure, unencrypted communication between Weave GitOps’ GitOps Run and its local S3 bucket. This allows privileged users or processes to tap traffic and obtain information enabling access to the S3 bucket, potentially leading to bucket content modification and unintended...

7.3CVSS6.2AI score0.00239EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/01/09 1:1 p.m.34 views

CVE-2022-23509 Weave Gitops Run vulnerable to insecure communication

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. GitOps run has a local S3 bucket which it uses for synchronizing files that are later applied against a Kubernetes cluster. The communication between GitOps...

7.3CVSS6.2AI score0.00239EPSS
Exploits0References5
NVD
NVD
added 2022/10/11 2:15 a.m.52 views

CVE-2022-40138

An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute...

9.8CVSS0.00891EPSS
Exploits0References2
OSV
OSV
added 2022/10/11 1:15 a.m.38 views

CVE-2022-32234

An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...

9.8CVSS7.7AI score0.00891EPSS
Exploits0References2
NVD
NVD
added 2022/10/11 1:15 a.m.61 views

CVE-2022-32234

An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...

9.8CVSS0.00891EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.56 views

CVE-2022-32234

An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted...

10AI score0.00891EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/11 12:0 a.m.50 views

CVE-2022-35289

A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of...

9.9AI score0.00891EPSS
Exploits0References2
Rows per page
Query Builder