398 matches found
CVE-2023-25557 Server-Side Request Forgery in DataHub
DataHub is an open-source metadata platform. The DataHub frontend acts as a proxy able to forward any REST or GraphQL requests to the backend. The goal of this proxy is to perform authentication if needed and forward HTTP requests to the DataHub Metadata Store GMS. It has been discovered that the...
CVE-2023-25557
Summary: CVE-2023-25557 affects DataHub’s frontend proxy, which forwards REST/GraphQL requests to the DataHub Metadata Store (GMS). The proxy may mishandle URL construction when relaying requests, enabling a Server-Side Request Forgery (SSRF) where an attacker could redirect a frontend-originated...
CVE-2023-25558 Deserialization of untrusted data in DataHub
DataHub is an open-source metadata platform. When the DataHub frontend is configured to authenticate via SSO, it will leverage the pac4j library. The processing of the idtoken is done in an unsafe manner which is not properly accounted for by the DataHub frontend. Specifically, if any of the...
CVE-2023-25558 Deserialization of untrusted data in DataHub
DataHub is an open-source metadata platform. When the DataHub frontend is configured to authenticate via SSO, it will leverage the pac4j library. The processing of the idtoken is done in an unsafe manner which is not properly accounted for by the DataHub frontend. Specifically, if any of the...
CVE-2023-25560 JSON Injection in DataHub
DataHub is an open-source metadata platform. The AuthServiceClient which is responsible for creation of new accounts, verifying credentials, resetting them or requesting access tokens, crafts multiple JSON strings using format strings with user-controlled data. This means that an attacker may be...
CVE-2023-25560 JSON Injection in DataHub
DataHub is an open-source metadata platform. The AuthServiceClient which is responsible for creation of new accounts, verifying credentials, resetting them or requesting access tokens, crafts multiple JSON strings using format strings with user-controlled data. This means that an attacker may be...
CVE-2023-25561 Login fail open on JAAS misconfiguration in DataHub
DataHub is an open-source metadata platform. In the event a system is using Java Authentication and Authorization Service JAAS authentication and that system is given a configuration which contains an error, the authentication for the system will fail open and allow an attacker to login using any...
CVE-2023-25561 Login fail open on JAAS misconfiguration in DataHub
DataHub is an open-source metadata platform. In the event a system is using Java Authentication and Authorization Service JAAS authentication and that system is given a configuration which contains an error, the authentication for the system will fail open and allow an attacker to login using any...
CVE-2023-25561 Login fail open on JAAS misconfiguration in DataHub
DataHub is an open-source metadata platform. In the event a system is using Java Authentication and Authorization Service JAAS authentication and that system is given a configuration which contains an error, the authentication for the system will fail open and allow an attacker to login using any...
CVE-2023-25562 Failure to Invalidate Session on Logout in DataHub
DataHub is an open-source metadata platform. In versions of DataHub prior to 0.8.45 Session cookies are only cleared on new sign-in events and not on logout events. Any authentication checks using the AuthUtils.hasValidSessionCookie method could be bypassed by using a cookie from a logged out...
CVE-2023-25562 Failure to Invalidate Session on Logout in DataHub
DataHub is an open-source metadata platform. In versions of DataHub prior to 0.8.45 Session cookies are only cleared on new sign-in events and not on logout events. Any authentication checks using the AuthUtils.hasValidSessionCookie method could be bypassed by using a cookie from a logged out...
CVE-2023-25562 Failure to Invalidate Session on Logout in DataHub
DataHub is an open-source metadata platform. In versions of DataHub prior to 0.8.45 Session cookies are only cleared on new sign-in events and not on logout events. Any authentication checks using the AuthUtils.hasValidSessionCookie method could be bypassed by using a cookie from a logged out...
GitHub Security Lab: [CPP]: Add query for CWE-805: Buffer Access with Incorrect Length Value using some functions
Vulnerability description not provided...
GitHub Security Lab: [Go]: Add Beego.Input.RequestBody source to Beego framework
Vulnerability description not provided...
GitHub Security Lab: [python] TarSlip vulnerability improvements
Vulnerability description not provided...
GitHub Security Lab: C/C++: Command injection via wordexp
Vulnerability description not provided...
GitHub Security Lab: [CPP]: Add query for CWE-125 Out-of-bounds Read with different interpretation of the string when use mbtowc
Vulnerability description not provided...
GitHub Security Lab: [CPP]: Add query for CWE-297: Improper Validation of Certificate with Host Mismatch
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [Java]: CWE-625 - Query to detect regex dot bypass
This bug was reported directly to GitHub Security Lab...
GitHub Security Lab: [JAVA]: Partial Path Traversal
This bug was reported directly to GitHub Security Lab...