979 matches found
CVE-2023-50883
ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately-invoked function expression IIFE, and therefore a sandbox escape is possible by directly calling the constructor of the Function object. NOTE: this issue exists because of an incorrect fix for CVE-2021-43446...
CVE-2024-42352 Server-Side Request Forgery (SSRF) in nuxt-icon
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. nuxt/icon provides an API to allow client side icon lookup. This endpoint is at /api/nuxticon/name. The proxied request path is improperly parsed, allowing an attacker to change the scheme and...
GHSA-CXGV-PX37-4MP2 Nuxt Icon affected by a Server-Side Request Forgery (SSRF)
Summary nuxt/icon provides an API to allow client side icon lookup. This endpoint is at /api/nuxticon/name. The proxied request path is improperly parsed, allowing an attacker to change the scheme and host of the request. This leads to SSRF, and could potentially lead to sensitive data exposure...
Nuxt Icon affected by a Server-Side Request Forgery (SSRF)
Summary nuxt/icon provides an API to allow client side icon lookup. This endpoint is at /api/nuxticon/name. The proxied request path is improperly parsed, allowing an attacker to change the scheme and host of the request. This leads to SSRF, and could potentially lead to sensitive data exposure...
PT-2024-25800 · Unjs/Ufo +1 · Unjs/Ufo +1
Name of the Vulnerable Software and Affected Versions: Nuxt versions prior to 3.12.4 Description: The navigateTo function does not correctly use APIs provided by unjs/ufo, leading to parsing discrepancies. The function first checks if a URL has a protocol using the unjs/ufo package, which works...
PT-2024-40827 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: A security exception crash has been reported. The crash involves the com.github.javaparser.GeneratedJavaParser.Expression and java.base/java.lang.StringUTF16.compress functions, as well as the...
Malicious code in EmрtуConstruсtor.Fоdy (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in EmptуConstructor.Fоdy (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @epgu/epgu-constructor-types (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2308 Malicious code in @epgu/epgu-constructor-types (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-2307 Malicious code in @epgu/epgu-constructor (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @epgu/epgu-constructor (npm)
--- -= Per source details. Do not edit below this line.=-...
UBUNTU-CVE-2024-38582
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfsdetachlogwriter Syzbot has reported a potential hang in nilfsdetachlogwriter called during nilfs2 unmount. Analysis revealed that this is because nilfssegctorsync, which synchronizes with the lo...
jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies
A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin involving crafted constructor bodies, enabling the circumvention of security restrictions. With crafted constructor bodies, this flaw allows authenticated attackers to define and execute sandboxed scripts, including...
jenkins-plugin/script-security: sandbox bypass via crafted constructor bodies
A sandbox bypass vulnerability was found in the Jenkins Script Security Plugin involving crafted constructor bodies, enabling the circumvention of security restrictions. With crafted constructor bodies, this flaw allows authenticated attackers to define and execute sandboxed scripts, including...
GHSA-CJCC-P67M-7QXM Unsafe Reflection in base Component class in yiisoft/yii2
Yii2 supports attaching Behaviors to Components by setting properties having the format 'as '. Internally this is done using the set magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject$value. However, ther...
RHEL 6 : pyyaml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - PyYAML: command execution through python/object/apply constructor in FullLoader CVE-2019-20477 - In PyYAM...
Jenkins Script Security Plugin has sandbox bypass vulnerability involving crafted constructor bodies
Jenkins Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call ...
GHSA-V63G-V339-2673 Jenkins Script Security Plugin has sandbox bypass vulnerability involving crafted constructor bodies
Jenkins Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call ...
CVE-2024-34144
A sandbox bypass vulnerability involving crafted constructor bodies in Jenkins Script Security Plugin 1335.vf07d9ce377ae and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the contex...