3 matches found
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the ntlmssp.Negotiator process. An attacker can cause a panic and crash the application by sending a specially crafted NTLM challenge message. Remediation Upgrade github.com/Azure/go-ntlmssp to version...
OpenBao AWS Plugin Vulnerable to Cross-Account IAM Role Impersonation in AWS Auth Method
Impact This is a cross-account impersonation vulnerability in the auth-aws plugin. The vulnerability allows an IAM role from an untrusted AWS account to authenticate by impersonating a role with the same name in a trusted account, leading to unauthorized access. This impacts all users of the...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview agentscope is an AgentScope: A Flexible yet Robust Multi-Agent Platform. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere due to insecure initialization of the DEFAULTCACHEDIR in app.py, using of user input...