Uncontrolled Recursion
Overview: smol-toml is a small, fast, and correct TOML parser/serializer. Affected versions of this package are vulnerable to Uncontrolled Recursion. An attacker can cause the application to crash by submitting TOML documents containing thousands of consecutive commented lines, which triggers...
UNIX Symbolic Link (Symlink) Following
Overview: @backstage/backend-plugin-api is a core API used by Backstage backend plugins. Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following in the resolveSafeChildPath function, which relies on resolveRealPath. An attacker can access sensitive files outside the...
Improper Input Validation
Overview: Affected versions of this package are vulnerable to Improper Input Validation due to the improper validation of user-supplied low-order points during the Diffie-Hellman key exchange process. An attacker can compromise session security by forcing the identity point. Additionally, incorrec...
CVE-2023-30536
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
PT-2024-36000
Name of the Vulnerable Software and Affected Versions: rails-html-sanitizer version 1.6.0. Description: There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer when used with Rails >= 7.1.0. This issue may allow an attacker to inject content if HTML5 sanitization...
PT-2024-35998
Name of the Vulnerable Software and Affected Versions: rails-html-sanitizer version 1.6.0. Description: A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer may allow an attacker to inject content if HTML5 sanitization is enabled and the application developer has...
PT-2024-29580 · Txtdot · Txtdot
Name of the Vulnerable Software and Affected Versions: txtdot versions 1.4.0 through 1.6.0. Description: A Server-Side Request Forgery (SSRF) issue exists in the /proxy route, allowing remote attackers to send HTTP GET requests to arbitrary targets and retrieve internal network information...
UBUNTU-CVE-2023-30536
slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the wild will also accept \n\n. An...
PT-2023-9872 · Unknown · Turante Sandbox Theme
Name of the Vulnerable Software and Affected Versions: Turante Sandbox Theme versions up to 1.5.2. Description: A problematic issue was found in the Turante Sandbox Theme, affecting the sandbox body class function of the file functions.php. The manipulation of the page argument leads to cross-site...
PT-2022-24943 · Kubevela · Kubevela
Name of the Vulnerable Software and Affected Versions: KubeVela versions 1.5 through 1.5.7; KubeVela versions 1.6 through 1.6.0. Description: KubeVela is an open source application delivery platform. Users using the VelaUX APIServer could be affected by this issue. When using Helm Chart as the...
Uncontrolled Search Path Element
Overview: std/syscall is a Go standard library package. Affected versions of this package are vulnerable to Uncontrolled Search Path Element. Go Vulnerability Report: Untrusted search path vulnerability on Windows related to LoadLibrary allows local users to gain privileges via a...
PT-2021-14716 · Jenkins · Jenkins Cas Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins CAS Plugin versions 1.6.0 and earlier. Description: The plugin improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks by having users go to a Jenkins URL...
Command Injection
Overview: mikehaertl/php-shellcommand is an object-oriented interface to shell commands. Affected versions of this package are vulnerable to Command Injection. User input is concatenated with a command within addArg that will be executed without any check. Remediation: Upgrade...