Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.55 views

Incomplete Internal State Distinction in GRPCWebToHTTP2ServerCodec

Affected gRPC Swift servers are vulnerable to precondition failures when parsing certain gRPC Web requests. This may lead to a denial of service...

7.5CVSS6.6AI score0.02082EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.81 views

Denial of service via HTTP/2 HEADERS frames padding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.2. It is fixed in 1.20.0 and later releases. This vulnerability is caused by a logica...

7.8CVSS6.7AI score0.01279EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.33 views

LeafKit allows XSS with untrusted user input

This affects anyone passing unsanitised data to Leaf's variable tags. Before this fix, Leaf would not escape any strings passed to tags as variables. If an attacker managed to find a variable that was rendered with their unsanitised data, they could inject scripts into a generated Leaf page, whic...

7.4CVSS5.9AI score0.0071EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.50 views

Arbitrary file read using percent-encoded relative paths in FileMiddleware

Attackers can access data at arbitrary filesystem paths on the same host as an application using FileMiddleware...

8.5CVSS6.9AI score0.0153EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.52 views

Vapor's Metrics integration could cause a system drain

This is a DoS attack against anyone who Bootstraps a metrics backend for their Vapor app with the following attack vector: 1. send unlimited requests against a vapor instance with different paths. this will create “unlimited” counters and timers, which will eventually drain the system. 2...

5.3CVSS6.8AI score0.01625EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.54 views

Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash

A bug in the Data.initbase32Encoded: function opens up the potential for exposing server memory and/or crashing the server Denial of Service for applications where untrusted data can end up in said function. Vapor does not currently use this function itself so this only impact applications that u...

9.1CVSS6.8AI score0.01199EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/09 12:0 a.m.89 views

Uncontrolled Resource Consumption in LengthPrefixedMessageReader

Affected gRPC Swift clients and servers are vulnerable to uncontrolled resource consumption attacks. Excessive memory may be allocated when parsing messages. This can lead to a denial of service...

7.5CVSS6.6AI score0.02082EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/07 12:0 a.m.69 views

Async HTTP Client has CRLF Injection vulnerability in HTTP request headers

Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to the network. Users are vulnerable if they pass untrusted...

7.5CVSS7AI score0.00549EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/07 12:0 a.m.66 views

SwiftNIO vulnerable to Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

NIOHTTP1 and projects using it for generating HTTP responses, including SwiftNIO, can be subject to a HTTP Response Injection attack. This occurs when a HTTP/1.1 server accepts user generated input from an incoming request and reflects it into a HTTP/1.1 response header in some form. A malicious...

7.5CVSS7AI score0.00556EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/07 12:0 a.m.39 views

Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoder

A program using swift-corelibs-foundation is vulnerable to a denial of service attack caused by a potentially malicious source producing a JSON document containing a type mismatch. This vulnerability is caused by the interaction between a deserialization mechanism offered by the Swift standard...

7.5CVSS7AI score0.00608EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/07 12:0 a.m.16 views

SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression

SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects HTTPRequestDecompressor and HTTPResponseDecompressor both failed to detect when the decompressed body was considered complete. If trailing junk data was appended ...

7.5CVSS7AI score0.00732EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/07 12:0 a.m.99 views

Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware

Vapor is an HTTP web framework for Swift and middleware is a logic chain between the client and a Vapor route handler. FileMiddleware enables the serving of assets from the Public folder of a project to the client. Vapor before 4.60.3 is vulnerable to denial of service due to an integer overflow...

7.5CVSS6.9AI score0.0189EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/07 12:0 a.m.27 views

Vapor vulnerable to denial of service in URLEncodedFormDecoder

Vapor is an HTTP web framework for Swift. Vapor versions earlier than 4.61.1 are vulnerable to a denial of service in the URLEncodedFormDecoder...

7.5CVSS6.6AI score0.0149EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/06 12:0 a.m.27 views

Inefficient Regular Expression Complexity

A Regular Expression Denial of Service ReDoS issue was discovered in the sanitizehtml function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted payload...

7.5CVSS6.4AI score0.01513EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/06/05 12:0 a.m.31 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting XSS - Stored in GitHub repository admidio/admidio prior to 4.2.8...

6.3CVSS6.1AI score0.00479EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/30 12:0 a.m.34 views

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3...

9.8CVSS7AI score0.00991EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/30 12:0 a.m.22 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Versions of the package yhirose/cpp-httplib before 0.12.4 is vulnerable to CRLF Injection when untrusted user input is used to set the content-type header in the HTTP .Patch, .Post, .Put and .Delete requests. This can lead to logical errors and other misbehaviors. Note: This issue is present due ...

8.8CVSS7.2AI score0.01137EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/25 12:0 a.m.33 views

Buffer Underwrite ('Buffer Underflow')

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

6.4CVSS6.9AI score0.00333EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/25 12:0 a.m.29 views

Use of Insufficiently Random Values

c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query ids. This is not a CSPRNG, and it is also not seeded by srand so will generate predictable output. Input from the random number generator i...

6.5CVSS6.8AI score0.00905EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/25 12:0 a.m.33 views

Uncontrolled Resource Consumption

c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...

7.5CVSS6.6AI score0.01577EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/25 12:0 a.m.39 views

Use of Insufficiently Random Values

c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cross compiling aarch64 android. This will downgrade to using rand as a fallback which could allow an attacker to take advantage of the lack ...

3.7CVSS6.6AI score0.00936EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/22 12:0 a.m.24 views

Uncontrolled Recursion in HTTP2ToRawGRPCServerCodec

Affected gRPC Swift servers are vulnerable to uncontrolled recursion and stack consumption when parsing certain payloads. This may lead to a denial of service...

7.5CVSS6.7AI score0.02082EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/18 12:0 a.m.13 views

SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header

Affected SwiftNIO systems are vulnerable to request smuggling attacks, in which they parse a given HTTP message differently from other network parties, potentially seeing a different number of requests than other servers. This can lead to failures of authentication, routing, and other issues. Thi...

7AI score
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/18 12:0 a.m.15 views

swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. This vulnerability is caused by a logica...

7.5CVSS6.7AI score0.01354EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/18 12:0 a.m.22 views

swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames

A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC or ORIGIN frames. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. This vulnerability is caused by a logical error...

7.5CVSS6.7AI score0.01119EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/18 12:0 a.m.25 views

swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding

A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HPACK-encoded header block. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.1. It is fixed in 1.19.2 and later releases. There are a number of...

7.5CVSS6.8AI score0.01119EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/10 12:0 a.m.49 views

PostgresNIO processes unencrypted bytes from man-in-the-middle

Any user of PostgresNIO connecting to servers with TLS enabled is vulnerable to a man-in-the-middle attacker injecting false responses to the client's first few queries, despite the use of TLS certificate verification and encryption. The remaining text in this section is quoted verbatim from...

8.1CVSS7AI score0.01901EPSS
Exploits0References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/05/01 12:0 a.m.50 views

Flask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header

When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by a proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session cookie to other clients. The severity depends on the...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References12Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/28 12:0 a.m.79 views

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

@aedart/support is the support package for Ion, a monorepo for JavaScript/TypeScript packages. Prior to version 0.6.1, there is a possible prototype pollution issue for the MetadataRecord, when merged with a base class' metadata object, in meta decorator from the @aedart/support package. The...

3.7CVSS6.6AI score0.00482EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/21 12:0 a.m.56 views

Authentication Bypass by Capture-replay

An issue was discovered in IO FinNet tss-lib before 2.0.0. The parameter ssid for defining a session id is not used through the MPC implementation, which makes replaying and spoofing of messages easier. In particular, the Schnorr proof of knowledge implemented in sch.go does not utilize a session...

6.8CVSS6.7AI score0.00523EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/21 12:0 a.m.67 views

Observable Discrepancy

io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time there is an if statement in a loop. One leak is in ecdsa/keygen/round2.go. bnb-chain/tss-lib and...

9.1CVSS8.6AI score0.00864EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/21 12:0 a.m.121 views

Observable Discrepancy

io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, which is not constant time for Cmp, modular exponentiation, or modular inverse. An example leak is in crypto/paillier/paillier.go. bnb-chain/tss-lib and...

7.5CVSS7.2AI score0.00864EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/15 12:0 a.m.41 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting XSS - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0...

6.8CVSS5AI score0.00503EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/15 12:0 a.m.39 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site Scripting XSS - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0...

5.4CVSS5.2AI score0.00475EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/15 12:0 a.m.38 views

Improper Access Control

Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0...

5.4CVSS5.6AI score0.00447EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/15 12:0 a.m.40 views

Session Fixation

Session Fixation in GitHub repository alextselegidis/easyappointments prior to 1.5.0...

8.8CVSS8.4AI score0.00668EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/10 12:0 a.m.38 views

Flask-AppBuilder Has No Rate Limiting on Login AUTH DB

Lack of rate limiting will allow an attacker to brute-force user credentials...

7.5CVSS7.3AI score0.00629EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/06 12:0 a.m.35 views

Out-of-bounds Read

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read...

6.5CVSS6.9AI score0.00888EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/06 12:0 a.m.20 views

Out-of-bounds Read

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3decodeblock out-of-bounds read...

6.5CVSS7.3AI score0.00888EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/06 12:0 a.m.22 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...

6.5CVSS7.3AI score0.00888EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/06 12:0 a.m.26 views

Out-of-bounds Write

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3decodeblock...

8.8CVSS8.4AI score0.00916EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/06 12:0 a.m.24 views

Out-of-bounds Write

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3decodeblock out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais...

6.5CVSS6.8AI score0.00902EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/06 12:0 a.m.15 views

Out-of-bounds Read

An issue was discovered in libbzip3.a in bzip3 1.2.2. There is a bz3decompress out-of-bounds read in certain situations where buffers passed to bzip3 do not contain enough space to be filled with decompressed data. NOTE: the vendor's perspective is that the observed behavior can only occur for a...

6.5CVSS7AI score0.008EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/04 12:0 a.m.30 views

Improper Authentication

Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function...

9.8CVSS9AI score0.01605EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/04/03 12:0 a.m.20 views

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Silverstripe Form Capture provides a method to capture simple silverstripe forms and an admin interface for users. Starting in version 0.2.0 and prior to versions 1.0.2, 1.1.0, 2.2.5, and 3.1.1, improper escaping when presenting stored form submissions allowed for an attacker to perform a...

6.1CVSS5.1AI score0.00393EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/31 12:0 a.m.34 views

Server-Side Request Forgery (SSRF)

Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery SSRF via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request...

7.5CVSS7.1AI score0.36171EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/31 12:0 a.m.22 views

Stud42 vulnerable to denial of service

Stud42's API is vulnerable to a denial of service because the API pod can be overloaded by the GraphQL parser...

6.5AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/31 12:0 a.m.19 views

zstd vulnerable to buffer overrun

A vulnerability was found in zstd v1.4.10, where an attacker can supply an empty string as an argument to the command line tool to cause buffer overrun...

7.5CVSS6.8AI score0.01588EPSS
Exploits0References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/27 12:0 a.m.58 views

Incorrect Permission Assignment for Critical Resource

Insecure Permissions vulnerability found in OpenGoofy Hippo4j v.1.4.3 allows attacker to obtain sensitive information via the ConfigVerifyController function of the Tenant Management module...

6.5CVSS5.9AI score0.00605EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2023/03/23 12:0 a.m.72 views

Hippo4j privilege escalation issue

An issue found in OpenGoofy Hippo4j v.1.4.3 allows attackers to escalate privileges via the ThreadPoolController of the tenant Management module...

8.8CVSS8.4AI score0.00639EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities1518