Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A code execution vulnerability exists in the Bento4 Ap4StsdAtom.cpp file, which stems from the failure of the AP4StsdAtom::AP4StsdAtom method of the Ap4StsdAtom.cpp file to correctly filter the special elements of the...

Fedora: Security Advisory for objenesis (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BIT-TENSORFLOW-2021-29534 CHECK-fail in SparseConcat

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.SparseConcat. This is because the...

BIT-TENSORFLOW-2022-23588 `CHECK`-fails due to attempting to build a reference tensor in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that Grappler optimizer would attempt to build a tensor using a reference dtype. This would result in a crash due to a CHECK-fail in the Tensor constructor as...

BIT-NODE-2023-32006

The use of module.constructor.createRequire can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x, and, 20.x. Please note th...

Object Constructor And Prototype Override

jsonata is vulnerable to Object Constructor And Prototype Override. The vulnerability is due to a malicious expression leveraging the transform operator to override properties on the Object constructor and prototype. This may lead to denial of service, remote code execution, or other unexpected...

PT-2024-2194

Name of the Vulnerable Software and Affected Versions JSONata versions 1.4.0 through 1.8.6 JSONata versions 2.0.0 through 2.0.3 Description A malicious expression can use the transform operator to override properties on the Object constructor and prototype, potentially leading to denial of servic...

PT-2024-20300 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.5.1-628 Description: The issue is related to a Memory leak in the AP4 Movie::AP4 Movie function when parsing tracks and adding them to the m Tracks list. If an error occurs due to no audio track being found, mp42aac cannot...

jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin

A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...

PT-2024-20954 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-640 Description: The issue is an out-of-memory bug that occurs via the AP4 UrlAtom::AP4 UrlAtom function. Recommendations: For Bento4 version 1.6.0-640, consider disabling the AP4 UrlAtom::AP4 UrlAtom function as a...

RHCOS 4 : OpenShift Container Platform 4.10.52 (RHSA-2023:0697)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0697 advisory. - SnakeYaml: Constructor Deserialization Remote Code Execution CVE-2022-1471 - jenkins: Observable timing discrepancy allows...

RHCOS 4 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory. - google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can lead to improper...

Arbitrary Code Execution

Overview dom-iterator is a feature-rich, well-tested Iterator for traversing DOM nodes. Affected versions of this package are vulnerable to Arbitrary Code Execution due to use of the Function constructor without complete input sanitization. Function generates a new function body and thus care mus...

Proxy's logic contract relies on code in the constructor

Lines of code 122, 50, 25, 67, 98, 67, 22 Vulnerability details Logic contracts cannot rely on code in their constructors, because proxy contracts do not re-execute the logic contract's constructor - only its initializer. Move all code in the constructor to the initializer function. File:...

Incorrect indexing in constructor of Curve Adapters causes both contracts to assume xToken and lpToken to be the same token

Lines of code Vulnerability details Impact Curve Adapter contracts are unusable, as the protocol won't be able to tell the difference between which token USDC/USDT or lpToken is intended on being used for the transaction. Vulnerability details In the constructors of the Curve2PoolAdapter.sol and...

SnakeYaml: Constructor Deserialization Remote Code Execution

A flaw was found in the SnakeYaml package. This flaw allows an attacker to benefit from remote code execution by sending malicious YAML content and this content being deserialized by the constructor. Deserialization is unsafe and leads to Remote Code Execution RCE...

Proxy's logic contract relies on code in the constructor

Lines of code 122, 50, 25, 67, 98, 67, 22 Vulnerability details Impact Logic contracts cannot rely on code in their constructors, because proxy contracts do not re-execute the logic contract's constructor - only its initializer. Move all code in the constructor to the initializer function. File:...

jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin

A flaw was found in the script-security Jenkins Plugin. In affected versions of the script-security plugin, property assignments performed implicitly by the Groovy language runtime when invoking map constructors were not intercepted by the sandbox. This vulnerability allows attackers with...

Unchecked constructor arguments can make a contract unworkable

Lines of code Vulnerability details Impact In the NextGenCore contract constructor, there is no check that a valid admin contract is set using NextGenAdmins::isAdminContract. If the contract address in the adminsContract constructor is set incorrectly, it is not possible to call admin functions i...

Minting nft with Index 0 is not allowed

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The constructor of the NextGenCore.sol contract includes an increment operation for the newCollectionIndex variable, ensuring that the newCollectionIndex start from 1. While adding or modifying addition...