382 matches found
CVE-2023-37924
Apache Submarine (subsystem: server) has an SQL injection vulnerability that allows login-time exploitation, affecting versions 0.7.0–0.8.0. The issue could enable unauthorized logins. A fix is available in version 0.8.0, which also adds oidc support and removes unauthenticated login paths. If up...
CVE-2023-46302
Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471 . Apache Submarine uses JAXRS to define REST endpoints. In order to handle YAML requests using application/yaml content-type, it defin...
PYSEC-2023-240
Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471 . Apache Submarine uses JAXRS to define REST endpoints. In order to handle YAML requests using application/yaml content-type, it defin...
Design/Logic Flaw
Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471 . Apache Submarine uses JAXRS to define REST endpoints. In order to handle YAML requests using application/yaml content-type, it defin...
CVE-2023-46302
CVE-2023-46302 affects Apache Submarine (0.7.0–0.8.0 pre-upgrade) where YAML deserialization in the YamlUtils.yaml processing path (SnakeYAML-based) can lead to remote code execution. The issue arises during unmarshalling of YAML requests via JAXRS endpoints using application/yaml content-type; t...
GHSA-4JQ9-2XHW-JPX7 Java: DoS Vulnerability in JSON-JAVA
Summary A denial of service vulnerability in JSON-Java was discovered by ClusterFuzz. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. There are two issues: 1 the parser bug can be used to circumvent a check that is supposed to...
Java: DoS Vulnerability in JSON-JAVA
Summary A denial of service vulnerability in JSON-Java was discovered by ClusterFuzz. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. There are two issues: 1 the parser bug can be used to circumvent a check that is supposed to...
otelgrpc DoS vulnerability due to unbound cardinality metrics
Summary The grpc Unary Server Interceptor opentelemetry-go-contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go // UnaryServerInterceptor returns a grpc.UnaryServerInterceptor suitable // for use in a grpc.NewServer call. func UnaryServerInterceptoropts ...Option...
pr-today.net Cross Site Scripting vulnerability OBB-3775989
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GHSA-R2XV-VPR2-42M9 slsa-verifier vulnerable to mproper validation of npm's publish attestations
Summary slsa-verifier attestationstampered.json 5. SLSAVERIFIEREXPERIMENTAL=1 slsa-verifier verify-npm-package supreme-goggles.tgz --attestations-path attestationstampered.json --builder-id "https://github.com/actions/runner/github-hosted" --package-name "@trishankatdatadog/supreme-goggles"...
slsa-verifier vulnerable to mproper validation of npm's publish attestations
Summary slsa-verifier attestationstampered.json 5. SLSAVERIFIEREXPERIMENTAL=1 slsa-verifier verify-npm-package supreme-goggles.tgz --attestations-path attestationstampered.json --builder-id "https://github.com/actions/runner/github-hosted" --package-name "@trishankatdatadog/supreme-goggles"...
pr-and-events.de Improper Access Control vulnerability OBB-3767710
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GHSA-X9W5-V3Q2-3RHW browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack
Summary An upper bound check issue in dsaVerify function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. Details In dsaVerify function, it checks whether the value of the signature is legal by calling...
browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attack
Summary An upper bound check issue in dsaVerify function allows an attacker to construct signatures that can be successfully verified by any public key, thus leading to a signature forgery attack. Details In dsaVerify function, it checks whether the value of the signature is legal by calling...
Broken logical expression in onlyManager()
Lines of code Vulnerability details Original Issue H-05: Functions in the VotiumStrategy contract are susceptible to sandwich attacks Details Depositing/withdrawing directly to/from derivatives provides an opportunity for an adversary to sandwich the users, since the slippage control mechanism wa...
Introduce minEpoch to prevent withdrawal requests being front-runned
Lines of code Vulnerability details Original Issue M-04: VotiumStrategy withdrawal queue fails to consider available unlocked tokens causing different issues in the withdraw process Issue Details The issue raised above occured whenever there was an unlocked balance which could be used to fulfill...
CVE-2023-45812
The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part response is...
Design/Logic Flaw
The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part response is...
CVE-2023-45812 Improper Check or Handling of Exceptional Conditions in apollo-router
The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part response is...
CVE-2023-45812 Improper Check or Handling of Exceptional Conditions in apollo-router
The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part response is...