Authentication flaw

Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...

PYSEC-2021-436

Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...

CVE-2021-41281

Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...

PYSEC-2021-436

Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...

CVE-2021-41281

Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...

golang: net/http/httputil: panic due to racy read of persistConn after handler panic

A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...

openSUSE 15 Security Update : tomcat (openSUSE-SU-2021:1490-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1490-1 advisory. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to...

CVE-2021-41277

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVE-2021-41277

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...

Design/Logic Flaw

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVE-2021-41277 GeoJSON URL validation can expose server files and environment variables to unauthorized users

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVE-2021-41277 GeoJSON URL validation can expose server files and environment variables to unauthorized users

Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map admin-settings-maps-custom maps-add a map support and potential local file inclusion including environment variables. URLs were not validated prior to being...

CVE-2021-41277

Metabase GeoJSON API Local File Inclusion vulnerability (CVE-2021-41277) affects Metabase prior to version 0.40.5/1.40.5, via the custom GeoJSON map feature where URLs were not validated before loading, enabling local file access (including environment variables). Impact described as local file i...

openSUSE 15 Security Update : tomcat (openSUSE-SU-2021:3672-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3672-1 advisory. - A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to...

PT-2021-23236 · Metabase · Metabase

Name of the Vulnerable Software and Affected Versions: Metabase versions prior to 0.40.5 Metabase versions prior to 1.40.5 Description: A security issue has been discovered in Metabase, an open source data analytics platform, related to the custom GeoJSON map support and potential local file...

Researchers Demonstrate New Way to Detect MitM Phishing Kits in the Wild

No fewer than 1,220 Man-in-the-Middle MitM phishing websites have been discovered as targeting popular online services like Instagram, Google, PayPal, Apple, Twitter, and LinkedIn with the goal of hijacking users' credentials and carrying out further follow-on attacks. The findings come from a ne...

EulerOS 2.0 SP5 : golang (EulerOS-SA-2021-2661)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which in some situations allows...

Concrete CMS: open redirect to a remote website which can phish users

By Adding some extra headers in the request I noticed that the user is redirected to a remote website. This can lead to stealing a user credentials phishing on a remote server. These headers can be added either using a MITM attack or by chaining with another vulnerability such as request smugglin...

golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty

A flaw was found in Go, acting as an unintended proxy or intermediary, where ReverseProxy forwards connection headers if the first one was empty. This flaw allows an attacker to drop arbitrary headers. The highest threat from this vulnerability is to integrity...

golang: net/http/httputil: panic due to racy read of persistConn after handler panic

A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability...