ProxyScotch is vulnerable to a server-side Request Forgery (SSRF)

ProxyScotch is a simple proxy server created for hoppscotch.io. The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL...

CVE-2022-25850

The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnerable to Server-side Request Forgery SSRF when interceptor mode is set to proxy. It occurs when an HTTP request is made by a backend server to an untrusted URL submitted by a user. It leads to a leakage of sensitive information...

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The package github.com/masterminds/vcs before 1.13.3 is vulnerable to Command Injection via argument injection. When hg is executed, argument strings are passed to hg in a way that additional flags can be set. The additional flags can be used to perform a command injection...

Information Disclosure

github.com/containerd/imgcrypt is vulnerable to information disclosure. Remote unauthenticated attackers are able to gain access to view an image without providing keys if that image had previously been decrypted. This is possible because only the first architecture in an list is being validated...

Information Disclosure

github.com/argoproj/argo-cd is vulnerable to information disclosure. The vulnerability exists in application resource APIs because the access controls are not properly handled which allows an attacker to escalate their privileges to admin-level and access the sensitive information...

Cross-Site Scripting (XSS)

github.com/misp/misp is vulnerable to stored cross-site scripting. The vulnerability exist in adminadd.ctp and adminedit.ctp when modifying the user which allows a malicious attacker to inject and execute arbitrary javascript...

Privilege Escalation

github.com/cri-o/cri-o is vulnerable to Privilege Escalation. when the pod is using a host network or IPC namespace, which allows a malicious user to set sysctls on the host without having access to hostNetwork and hostIPC...

CVE-2022-21221

The package github.com/valyala/fasthttp before 1.34.0 are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. Note: This security issue impacts Windows users only...

Authorization Bypass

github.com/go-gitea/gitea is vulnerable to authorization bypass. The vulnerability exists in the Auth function in pam.go due to missing checks in the pam module, allowing a malicious attacker to log in and perform unauthorized actions...

OS Command Injection

github.com/google/fscrypt is vulnerable to OS command injection. The vulnerability exists in fscryptmountpoints function of fscryptbashcompletion because the "compgen -W" is not single quoted which allows an attacker to inject and execute untrusted arbitrary strings...

Denial Of Service (DoS)

github.com/hashicorp/consul is vulnerable to denial of service DoS attacks. A remote attacker with service:write permission is able to register a specifically-crafted service on clusters with at least one ingress gateway configured, resulting in denial of service conditions in the server...

Ruby on Rails Information Disclosure Vulnerability (GHSA-rmj8-8hhh-gv5h) - Linux

Ruby on Rails is prone to an information disclosure vulnerability in puma. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

CVE-2022-0664

Summary: CVE-2022-0664 addresses a vulnerability inNetmaker where a hard-coded cryptographic key is used by the Go implementation (github.com/gravitl/netmaker) prior to versions 0.8.5, 0.9.4, 0.10.0, and 0.10.1. Affected software: Netmaker (Go component) on versions before the listed fixed releas...

GHSA-8WRG-M8VM-5FVJ Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server

Impact Authentication Bypass by Primary Weakness CWE-305 Commit: https://github.com/kongchuanhujiao/server/commit/9a125624f219e496bdf4b07b404816d5a309bdc1 ALL Users is impacted. Patches Yes, PLEASE UPGRADE TO v1.3.21-beta.d0ffc0a6...

Denial of service in github.com/nats-io/nats-server/server

This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers - Running a NATS service which is exposed to untrusted users presents a heighten...

GHSA-G9MP-8G3H-3C5C flynn/noise has improper nonce handling yielding potential state DoS

The Go package github.com/flynn/noise, a Noise Protocol implementation, has two bugs in nonce handling in versions prior to v1.0.0. Issue 1: Potential nonce overflow If 264 18.4 quintillion or more messages are encrypted with Encrypt after handshaking, the nonce counter will wrap around, causing...

Validation Bypass

github.com/cri-o/cri-o is vulnerable to Validation Bypass. When an attacker creates a pod with a hostIPC and hostNetwork kernel namespace, the attacker is able to apply sysctls from the list of safe sysctls specified for the cluster resulting in unauthorized access due to insufficient validations...

Denial Of Service (DoS)

github.com/golang/go is vulnerable to Denial Of Service DoS. The vulnerability exists due to uncontrolled memory consumption in SetString function which allows an attacker to crash the application by providing a malicious input...

GO-2022-0646 CBC padding oracle issue in AWS S3 Crypto SDK for golang in github.com/aws/aws-sdk-go

A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code MAC, which then allows an attacker who has write access to the target's S3 bucket and can observe...

Cross Site Scripting (XSS)

github.com/go-gitea/gitea is vulnerable to cross-site scripting XSS. The vulnerability exists due to the lack of sanitization in the repository settings in the setting.go file allows the attacker to inject and execute arbitrary Javascript via the URL field in the external wiki/issue tracker...