3096 matches found
jsonic Security Vulnerabilities
jsonic is a JSON parser for Node.js open-sourced by jsonicjs. A security vulnerability exists in jsonic version v2.12.1, which stems from prototype pollution via the function util.clone, allowing an attacker to execute arbitrary code or cause a denial of service (DoS) by...
WordPress Page and Post Clone Plugin <= 6.0 is vulnerable to Sensitive Data Exposure
Software: Page and Post Clone; Type: Plugin; Vulnerable versions: <= 6.0; Fixed in: 6.1; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2024-5942; Patch priority: Low; CVSS severity: Low (2.7); PSID: 2f05aa4ff3e4; Credits: Bassem Essam; Required...
CVE-2024-5942
The Page and Post Clone plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.0 via the 'contentclone' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access...
PT-2024-37257 · WordPress · Page/Post Clone
Name of the Vulnerable Software and Affected Versions: Page and Post Clone plugin for WordPress versions up to, and including, 6.0. Description: The issue allows authenticated attackers with Author-level access and above to clone and read private posts due to missing validation on a user-controlle...
WordPress plugin Page and Post Clone security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in the...
git: insecure hardlinks
A vulnerability was found in Git. This flaw allows an unauthenticated attacker to place a specialized repository on their target's local system. For performance reasons, Git uses hardlinks when cloning a repository located on the same disk. However, if the repo being cloned is owned by a differen...
git: Recursive clones RCE
A vulnerability was found in Git. This vulnerability allows the malicious manipulation of repositories containing submodules, exploiting a bug that enables the writing of files into the .git/ directory instead of the submodule's intended worktree. This manipulation facilitates the execution of...
Fedora 39 : composer (2024-bb55f8476a)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bb55f8476a advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...
Fedora 40 : composer (2024-9ed24c98cd)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...
CVE-2024-37904 Denial of service from maliciously configured Git repository in Minder
Minder is an open source Software Supply Chain Security Platform. Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users' repositories using the github.com/go-git/go-git/v5 library on lines L55-L89. The Git provider...
GHSA-HPCG-XJQ5-G666 Minder affected by denial of service from maliciously configured Git repository
Minder's Git provider is vulnerable to a denial of service from a maliciously configured GitHub repository. The Git provider clones users' repositories using the github.com/go-git/go-git/v5 library on these lines:...
Exploit for Deserialization of Untrusted Data in Clear Clearml
CVE-2024-24590-ClearML-RCE-Exploit Python script that exploit...
Clone Job Fails Due to Security Context Constraints (SCC) Issue
Challenge: Cloned-restore jobs time out and eventually fail because an application's security context provides permissions in the original application namespace. This results in the application's pod being in a non-running state. Example: Namespace = quay-enterprise; SCC during deployment = anyuid...
CVE-2023-38395
Missing Authorization vulnerability in Afzal Multani WP Clone Menu. This issue affects WP Clone Menu: from n/a through 1.0.1...
CVE-2023-38395 WordPress WP Clone Menu plugin <= 1.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Afzal Multani WP Clone Menu. This issue affects WP Clone Menu: from n/a through 1.0.1...
CVE-2023-38395
CVE-2023-38395 affects the WP Clone Menu WordPress plugin (versions
WordPress plugin WP Clone Menu security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...