CVE-2022-30781

Gitea before 1.16.7 does not escape git fetch remote...

CVE-2022-30781

CVE-2022-30781 affects Gitea prior to 1.16.7. The issue arises from improper escaping in the git fetch remote during repository migration, enabling remote command execution. Public details confirm a Git fetch remote code path as the root cause and that versions before 1.16.7 are vulnerable; mitig...

Gitea 安全漏洞

Gitea is a lightweight Go-based git service developed by the Gitea community. A security vulnerability exists in Gitea version 1.16.7 that stems from not escaping the git fetch remote...

Smarty PHP code injection

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...

GHSA-9M49-VHWV-422G Smarty PHP code injection

Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch or display functions on custom resources that does not sanitize template name...

GHSA-5875-M6JQ-VF78 Command injection in workspace-tools

The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...

CVE-2022-25865

The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...

CVE-2022-25865

The package workspace-tools before 0.18.4 are vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that...

Cross-Site Request Forgery in Jenkins Blue Ocean Plugin

A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API. The vulnerability is found in: - blueocean-core-js/src/js/bundleStartup.js - blueocean-core-js/src/js/fetch.ts -...

GHSA-QXH5-5R5P-5GVF Cross-Site Request Forgery in Jenkins Blue Ocean Plugin

A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API. The vulnerability is found in: - blueocean-core-js/src/js/bundleStartup.js - blueocean-core-js/src/js/fetch.ts -...

PT-2022-17575 · Unknown · Workspace-Tools

Name of the Vulnerable Software and Affected Versions: workspace-tools versions prior to 0.18.4 Description: The issue concerns Command Injection via git argument injection. When the fetchRemoteBranchremote: string, remoteBranch: string, cwd: string function is called, both the remote and...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sssd Vulnerability (NS-SA-2022-0044)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sssd packages installed that are affected by a vulnerability: - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire subcommands. This flaw allows...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sssd Vulnerability (NS-SA-2022-0013)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sssd packages installed that are affected by a vulnerability: - A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via the logs- fetch and cache-expire subcommands. This flaw allows...

CVE-2022-0235

A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as "Authorization," "WWW-Authenticate," and "Cookie" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized...

FreeBSD : gitea -- Escape git fetch remote (95ee401d-cc6a-11ec-9cfc-10c37b4ac2ea)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 95ee401d-cc6a-11ec-9cfc-10c37b4ac2ea advisory. - The Gitea team reports: Escape git fetch remote in services/migrations/giteauploader.go...

XSS in JSON: Old-School Attacks for Modern Applications

I recently wrote a blog post on injection-type vulnerabilities and how they were knocked down a few spots from 1 to 3 on the new OWASP Top 10 for 2022. The main focus of that article was to demonstrate how stack traces could be — and still are — used via injection attacks to gather information...

CVE-2022-28090

Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery SSRF via /cmscp/ext/collect/fetchurl.do?url=...

CVE-2022-28090

Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery SSRF via /cmscp/ext/collect/fetchurl.do?url=...

Jspxcms 代码问题漏洞

Blue Intelligence Technology Jspxcms is China's Blue Intelligence Technology Company's set of scalable enterprise-class open source Web content management system CMS. Jspxcms version 10.2.0 has a security vulnerability , the vulnerability stems from the /cmscp/ext/collect/fetchurl.do?url=found th...

Moderate: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.4 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.4.4 General Availability release images. This update provides security fixes, bug fixes, and updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System...