Ubuntu 16.04 ESM : GNU C Library vulnerabilities (USN-5699-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5699-1 advisory. Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could...
Regular Expression Denial Of Service (ReDoS)
loader-utils is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the resourcePath variable in interpolateName.js, allowing an attacker to crash the application by providing a malicious input...
Check-Effect-Interact Violations and possible Reentrancy
Lines of code Vulnerability details Impact Some contract functions make external calls and do not follow the CEI pattern, thereby allowing the function to possibly be re-entered. Proof of Concept 1. ArtGobblers.mintFromGoo - , numMintedFromGoo and currentNonLegendaryId state variables updated aft...
Re-entrancy risk to Project in ArtGobblers.gobble()
Lines of code Vulnerability details Impact In ArtGobblers.gobble, the function accepts user-controlled input which may create a re-entrancy opportunity in the ERC1155.safeTransferFrom and ERC721.transferFrom external calls. Since the nft parameter is user-controlled, any user can create a maliciou...
OESA-2022-1957 log4j security update
Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fixes: It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thread Contex...
CVE-2022-39958
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. A restricted resource, access to which would ordinarily be detected, may be...
PT-2022-28157
Name of the Vulnerable Software and Affected Versions: personnummer versions prior to 3.0.3 Dart versions prior to 3.0.3 C versions prior to 3.0.2 Elixir versions prior to 3.0.0 Go versions prior to 3.0.1 Java versions prior to 3.3.0 JavaScript versions prior to 3.1.0 Kotlin versions prior to 1.1...
A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker may fail to detect the pattern and allow execution.
...
Regular Expression Denial Of Service (ReDoS)
sanitize-html is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the href attribute in the sanitizeHtml function of index.js, allowing an attacker to cause an application crash by providing a malicious input...
CVE-2020-26938
In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. This allows a malicious client to pass an XSS payload...
CVE-2022-1117
A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker...
Design/Logic Flaw
A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker...
CVE-2022-1117
CVE-2022-1117 affects fapolicyd. The root cause is an assumption in how glibc names the runtime linker, where a build-time regular expression may fail to detect the runtime linker, causing the pattern check for applications launched by ld.so to miss detections and potentially allow execution. Aff...
Storage collision between proxy and logic v2
Lines of code Vulnerability details The lack of using EIP1967 proposal can lead to a storage collision on variables when implementing proxy-implementation pattern. More details can be found here; Impact Since the project implementing proxies with logic and implementation pattern where they share...
PT-2022-10744
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to...
Regular Expression Denial Of Service (ReDoS)
uri-template-lite is vulnerable to regular expression denial of service. The vulnerability exists due to the insecure regex pattern used for the expandRe attribute in index.js, allowing an attacker to crash the application by providing a malicious input through the URI.expand method...