398 matches found
GHSA-PJWM-CR36-MWV3 ReDoS in giskard's transformation.py (GHSL-2024-324)
ReDoS in Giskard text perturbation detector A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation...
CVE-2024-52524 ReDoS in Giskard Scan text perturbation
Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential...
CVE-2024-52524 ReDoS in Giskard Scan text perturbation
Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution ReDoS vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential...
GHSA-Q78V-CV36-8FXJ Devtron has SQL Injection in CreateUser API
Summary An authenticated user with minimum permission could utilize and exploit SQL Injection to allow the execution of malicious SQL queries via CreateUser API /orchestrator/user. Details The API is CreateUser /orchestrator/user. The function to read user input is:...
Devtron has SQL Injection in CreateUser API
Summary An authenticated user with minimum permission could utilize and exploit SQL Injection to allow the execution of malicious SQL queries via CreateUser API /orchestrator/user. Details The API is CreateUser /orchestrator/user. The function to read user input is:...
EulerOS 2.0 SP12 : ruby (EulerOS-SA-2024-2517)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Rubygems.org is the Ruby community's gem hosting service. A Gem publisher can cause a Remote DoS when publishing a Gem. This is due to how Ruby read...
GHSA-R5PH-4JXM-6J9P LF Edge eKuiper has a SQL Injection in sqlKvStore
Summary A user could utilize and exploit SQL Injection to allow the execution of malicious SQL query via Get method in sqlKvStore. Details I will use explainRuleHandler "/rules/name/explain" as an example to illustrate. However, this vulnerability also exists in other methods such as...
LF Edge eKuiper has a SQL Injection in sqlKvStore
Summary A user could utilize and exploit SQL Injection to allow the execution of malicious SQL query via Get method in sqlKvStore. Details I will use explainRuleHandler "/rules/name/explain" as an example to illustrate. However, this vulnerability also exists in other methods such as...
GHSA-W7C4-5W4F-JM3G Duplicate Advisory: Reposilite Arbitrary File Read vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-82j3-hf72-7x93. This link is maintained to preserve external references. Original description Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM...
Duplicate Advisory: Reposilite Arbitrary File Read vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-82j3-hf72-7x93. This link is maintained to preserve external references. Original description Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM...
GHSA-79W7-VH3H-8G4J yt-dlp File system modification and RCE through improper file-extension sanitization
Summary yt-dlp does not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder and path traversal on Windows. Since yt-dlp also reads config from the working directory and on Windows executables will be executed from the yt-dlp...
CVE-2024-36117
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...
CVE-2024-36117 Path traversal while serving Reposilite javadoc expanded files
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...
CVE-2024-36117 Path traversal while serving Reposilite javadoc expanded files
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...
CVE-2024-36116 Path traversal in Reposilite javadoc file expansion
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...
CVE-2024-36116
The CVE-2024-36116 issue in Reposilite arises from path traversal in the Javadoc archive expansion logic. The archive’s file.name can contain traversal sequences (for example ../../../anything.txt), allowing an extracted path to escape the intended unpack directory. An attacker could craft a mali...
CVE-2024-36116 Path traversal in Reposilite javadoc file expansion
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite provides support for JavaDocs files, which are archives that contain documentation for artifacts. Specifically, JavadocEndpoints.kt controller allows to expand the...
CVE-2024-36115 Stored Cross site scripting in Reposilite artifacts
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. As a Maven repository manager, Reposilite provides the ability to view the artifacts content in the browser, as well as perform administrative tasks via API. The problem lies i...
CVE-2024-36115 Stored Cross site scripting in Reposilite artifacts
Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. As a Maven repository manager, Reposilite provides the ability to view the artifacts content in the browser, as well as perform administrative tasks via API. The problem lies i...
CVE-2024-36115
CVE-2024-36115 affects Reposilite (v3.5.10 and prior) where artifact content served in the browser can execute JavaScript within the same origin, enabling stored XSS that can access token-secret from localStorage. This can lead to full compromise of the Reposilite instance and, in worst cases, re...