PT-2023-21224 · Github · Github-Slug-Action

Name of the Vulnerable Software and Affected Versions: github-slug-action versions 4.0.0 through 4.4.1 Description: The github-slug-action uses the github.head ref parameter in an insecure way, allowing any user on GitHub to trigger the vulnerability by creating a pull request with a branch name...

Libraries: Untrusted users can modify some Pipeline libraries in Pipeline Shared Groovy Libraries Plugin

A flaw was found in the Jenkins Pipeline: Shared Groovy Libraries plugin. The Jenkins Pipeline: Shared Groovy Libraries plugin allows attackers to submit pull requests. However, the attacker cannot commit directly to the configured Source Control Management SCM to effectively change the Pipeline...

Metasploit Wrap-Up

Basic discover script improvements This week two improvements were made to the script/resource/basicdiscovery.rc resource script. The first update from community member samsepi0x0 allowed commas in the RHOSTS value, making it easier to target multiple hosts. Additionally, adfoster-r7 improved the...

CVE-2021-32848

Octobox is software for managing GitHub notifications. Prior to pull request PR 2807, a user of the system can provide a specifically crafted search query string that will trigger a ReDoS vulnerability. This issue is fixed in PR 2807...

PT-2023-12181 · Octobox · Octobox

Name of the Vulnerable Software and Affected Versions: Octobox versions prior to pull request 2807 Description: Octobox is software for managing GitHub notifications. A user of the system can provide a specifically crafted search query string that will trigger a ReDoS vulnerability...

SUSE CVE-2008-4297

Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request...

SUSE CVE-2014-8179

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation...

SUSE CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

SUSE CVE-2020-8564

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

SUSE CVE-2021-21272

ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the downloade...

SUSE CVE-2021-46101

In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly...

IDOR Vulnerability in Nextcloud Mail

None...

Remote Code Execution (RCE)

simple-git is vulnerable to Remote Code Execution RCE. The vulnerability exists due to improper sanitization of the clone, pull, push and listRemote methods which allows an attacker to execute arbitrary code...

GHSA-8MJG-8C8G-6H85 Kubernetes Sensitive Information leak via Log File

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

Kubernetes Sensitive Information leak via Log File

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

Insertion of Sensitive Information into Log File

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...

Missing permission checks in Jenkins GitHub Pull Request Builder Plugin

A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

GHSA-M6Q8-MWF6-6MMC CSRF vulnerability in Jenkins GitHub Pull Request Builder Plugin

A cross-site request forgery CSRF vulnerability in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

GHSA-W4V5-54P8-M4J5 Missing permission checks in Jenkins GitHub Pull Request Builder Plugin

A missing permission check in Jenkins GitHub Pull Request Builder Plugin 1.42.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

GHSA-4X65-4FJX-R7M6 Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin

Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file...