CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

Design/Logic Flaw

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

CVE-2022-29930

SHA1 implementation in JetBrains Ktor Native 2.0.0 was returning the same value. The issue was fixed in Ktor version 2.0.1...

CVE-2022-29930

CVE-2022-29930 affects JetBrains Ktor Native 2.0.0, where the SHA1 implementation returned the same value due to a faulty hashing function. The issue has been fixed in Ktor 2.0.1. Public references from NVD/Red Hat OSV and related sources corroborate the fix version and the affected component. If...

PT-2022-19914 · Jetbrains · Jetbrains Ktor Native

Name of the Vulnerable Software and Affected Versions: JetBrains Ktor Native version 2.0.0 Description: The SHA1 implementation was returning the same value, indicating a potential issue with the hashing function. This issue was resolved in a later version. Recommendations: For version 2.0.0,...

JetBrains Ktor Native 安全特征问题特征问题漏洞

JetBrains Ktor Native is an asynchronous framework for creating microservices, web applications, and more from the Czech company JetBrains. A security signature issue vulnerability exists in JetBrains Ktor Native versions prior to 2.0.1, which stems from the fact that SHA1 can return the same val...

Microsoft Windows Print Spooler Components Elevation of Privilege Vulnerability (CNVD-2022-70056)

An elevation of privilege vulnerability exists in Microsoft Windows Print Spooler Components, a print backend processor component of Microsoft Corporation USA. The vulnerability stems from an incorrect program call to a high-level native procedure. An attacker could exploit this vulnerability to...

Microsoft Windows Storage Spaces Controller Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Windows Storage Spaces Controller, a driver necessary to provide storage space functionality from Microsoft Corporation USA. The vulnerability stems from an incorrect program call to a high-level native procedure. An attacker could explo...

Microsoft Windows Storage Spaces Controller 权限许可和访问控制问题漏洞

An elevation of privilege vulnerability exists in Microsoft Windows Storage Spaces Controller, a driver necessary to provide storage space functionality from Microsoft Corporation USA. The vulnerability stems from an incorrect program call to a high-level native procedure. An attacker could explo...

Microsoft Windows Print Spooler Components 权限许可和访问控制问题漏洞

An elevation of privilege vulnerability exists in Microsoft Windows Print Spooler Components, a print backend processor component of Microsoft Corporation USA. The vulnerability stems from an incorrect program call to a high-level native procedure. An attacker could exploit this vulnerability to...

JetBrains Ktor Native Security Feature Issue Vulnerability

JetBrains Ktor Native is an asynchronous framework for creating microservices, web applications, etc. JetBrains Ktor Native versions prior to 2.0.0 are vulnerable to a security feature that stems from the fact that random values used for random number generation are not implemented using...

in depositErc20 - no check that token address != NATIVE

103 comment Warden: CertoraInc The depositErc20 doesn't have any check that the given token address doesn't equal to the NATIVE address in this case the user should use the depositNative function. This is a needed check, it can be seen also in the withdrawErc20GasFee, so it needs to be applied in...

Fedora: Security Advisory for golang-github-haproxytech-client-native (FEDORA-2022-08ae2dd481)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-45915)

Google Android is a Linux-based open-source operating system from Google, a U.S. company. The vulnerability stems from an incorrect program call to a high-level native procedure. An attacker could exploit this vulnerability to cause an elevation of privilege...

JetBrains IntelliJ IDEA Code Injection Vulnerability (CNVD-2022-55674)

JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Jetbrains Czech Republic.A code injection vulnerability exists in versions of JetBrains IntelliJ IDEA prior to 2022.1, which could be exploited to execute native code via a custom Pandoc path...

CVE-2022-29164 Privilege Escalation in argo-workflows

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions an attacker can create a workflow which produces a HTML artifact containing an HTML file that contains a script which uses XHR calls to interact with the Argo Serv...

CVE-2022-29164

Affected software: Argo Workflows (Kubernetes) Vulnerability summary: An attacker can craft a HTML artifact in a workflow that contains a script using XHR to interact with the Argo Server API. The attacker emails a link to the deep-link artifact; when opened by a victim, the script executes with ...

JetBrains IntelliJ IDEA Code Injection Vulnerability (CNVD-2022-55680)

JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from Jetbrains Czech Republic.A code injection vulnerability exists in versions of JetBrains IntelliJ IDEA prior to 2022.1, which could be exploited by attackers to execute native code via workspace...

JetBrains Rider Code Injection Vulnerability

JetBrains Rider is a cross-platform integrated development environment IDE from Czech company Jetbrains. versions prior to JetBrains Rider 2022.1 contain a code injection vulnerability that could be exploited by attackers to execute native code via a link in the ReSharper quick documentation...