1518 matches found
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
A request smuggling attack is possible when using MaxBytesHandler. When using MaxBytesHandler, the body of an HTTP request is not fully consumed. When the server attempts to read HTTP2 frames from the connection, it will instead be reading the body of the HTTP request, which could be...
Session Fixation
KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session, versions 1.6.3 and below are susceptible. A patch will be released in version 1.6.4...
Session Fixation
KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session, versions 1.6.3 and below are susceptible. A patch will be released in version 1.6.4...
Duplicate of ./go/github.com/KubeOperator/KubePi/CVE-2023-22478.yml
API interfaces with unauthorized access will leak sensitive information via /kubepi/api/v1/systems/operation/logs/search and /kubepi/api/v1/systems/login/logs/search...
Duplicate of ./go/github.com/KubeOperator/KubeOperator/CVE-2023-22480.yml
API interfaces with unauthorized access will leak sensitive information via /api/v1/clusters/kubeconfig/...
Duplicate of ./go/github.com/KubeOperator/KubePi/CVE-2023-22479.yml
Summary A session fixation attack allows an attacker to hijack a legitimate user session. The attack investigates a flaw in how the online application handles the session ID, especially the susceptible web application. Affected Version = v1.6.3 For more information If you have any questions or...
Observable Timing Discrepancy
A vulnerability, which was classified as problematic, was found in agnivade easy-scrypt. Affected is the function VerifyPassphrase of the file scrypt.go. The manipulation leads to observable timing discrepancy. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is...
Improper Restriction of XML External Entity Reference
A vulnerability classified as problematic was found in e-Contract dssp up to 1.3.1. Affected by this vulnerability is the function checkSignResponse of the file dssp-client/src/main/java/be/econtract/dssp/client/SignResponseVerifier.java. The manipulation leads to xml external entity reference...
Use of Hard-coded Credentials
KubePi is a k8s panel. The jwt authentication function of KubePi through version 1.6.2 uses hard-coded Jwtsigkeys, resulting in the same Jwtsigkeys for all online projects. This means that an attacker can forge any jwt token to take over the administrator account of any online project. Furthermor...
Mellium vulnerable to authentication failure or insufficient randomness used during authentication
An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated instead, the nonce is empty. This causes authentication to fail in the best case, but if paired...
Server-Side Request Forgery (SSRF)
A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Improper path santiziation in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory...
Incorrect Resource Transfer Between Spheres
Elrond-GO is a go implementation for the Elrond Network protocol. Versions prior to 1.3.50 are subject to a processing issue where nodes are affected when trying to process a cross-shard relayed transaction with a smart contract deploy transaction data. The problem was a bad correlation between t...
YAML Go package vulnerable to denial of service
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Due to improper santization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Improper path santiziation in github.com/goadesign/goa before v3.0.9, v2.0.10, or v1.4.3 allow remote attackers to read files outside of the intended directory...
GoUtils's randomly-generated alphanumeric strings contain significantly less entropy than expected
Randomly-generated alphanumeric strings contain significantly less entropy than expected. The RandomAlphaNumeric and CryptoRandomAlphaNumeric functions always return strings containing at least one digit from 0 to 9. This significantly reduces the amount of entropy in short strings generated by...
yaml package for Go can consume excessive amounts of CPU or memory
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Due to improper path santization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
Cloud Foundry Archiver vulnerable to path traversal
Due to improper path santization, archives containing relative file paths can cause files to be written or overwritten outside of the target directory...
Use of Weak Hash
XML Digital Signatures generated and validated using this package use SHA-1, which may allow an attacker to craft inputs which cause hash collisions depending on their control over the input...
Uncontrolled Resource Consumption
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector...
Uncontrolled Resource Consumption
Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory...
Out-of-bounds Read
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack...
Out-of-bounds Read
golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack...
Memory Allocation with Excessive Size Value
A vulnerability was found in docconv up to 1.2.0 and classified as problematic. This issue affects the function ConvertDocx/ConvertODT/ConvertPages/ConvertXML/XMLToText. The manipulation leads to uncontrolled memory allocation. The attack may be initiated remotely. Upgrading to version 1.2.1 is...
Use of a Broken or Risky Cryptographic Algorithm
IO FinNet tss-lib before 2.0.0 allows a collision of hash values...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
A vulnerability was found in docconv up to 1.2.0. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdfocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.2.1...
Improper Restriction of Security Token Assignment
aad-pod-identity assigns Azure Active Directory identities to Kubernetes applications and has now been deprecated as of 24 October 2022. The NMI component in AAD Pod Identity intercepts and validates token requests based on regex. In this case, a token request made with backslash in the request...
Improper Resource Shutdown or Release
A vulnerability classified as problematic has been found in cgriego activeattr up to 0.15.2. This affects the function call of the file lib/activeattr/typecasting/booleantypecaster.rb of the component Regex Handler. The manipulation of the argument value leads to denial of service. The exploit ha...
Alist vulnerable to Path Traversal
Alist v3.4.0 is vulnerable to Directory Traversal,...
Uncontrolled Resource Consumption
A vulnerability classified as problematic was found in Dromara HuTool up to 5.8.10. This vulnerability affects unknown code of the file cn.hutool.core.util.ZipUtil.java. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed to the...
Helm vulnerable to denial of service through through repository index file
Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the repo package that can cause a segmentation violation. Applications that use functions from the repo package in the Helm SDK can have a Denial of Service attack when they use this package and it panics...
Helm vulnerable to denial of service through string value parsing
Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the strvals package that can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the strvals package in the Helm SDK can have a Denial of Service atta...
Helm vulnerable to denial of service through schema file
Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the chartutil package that can cause a segmentation violation. Applications that use functions from the chartutil package in the Helm SDK can have a Denial of Service attack when they use this package and it...
hutool-json vulnerable to memory exhaustion
hutool-json v5.8.10 was discovered to contain an out of memory error...
hutool-json stack overflow vulnerability
A stack overflow in the org.json.JSONTokener.nextValue::JSONTokener.java component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...
hutool-json stack overflow vulnerability
A stack overflow in the XML.toJSONObject component of hutool-json v5.8.10 allows attackers to cause a Denial of Service DoS via crafted JSON or XML data...
AList vulnerable to Improper Preservation of Permissions
Alist v3.4.0 is vulnerable to File Upload. A user with only file upload permission can upload any file to any folder even a password protected one...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Alist v3.5.1 is vulnerable to Cross Site Scripting XSS via the bulletin board...
Improper Control of Generation of Code ('Code Injection')
Akeneo PIM is an open source Product Information Management PIM. Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute arbitrary PHP code on the server by uploading a crafted image. Akeneo PIM Community Edition after the versions...
Allocation of Resources Without Limits or Throttling
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
All versions of package gitpython is vulnerable to Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git...
Deserialization of Untrusted Data
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...
Missing Release of Memory after Effective Lifetime
DCMTK v3.6.7 was discovered to contain a memory leak via the TASCAssociation object...
Out-of-bounds Read
Cap'n Proto is a data interchange format and remote procedure call RPC system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 is vulnerable to out-of-bounds read due to logic error handli...
Improper Certificate Validation
In Botan before 2.19.3, it is possible to forge OCSP responses due to a certificate verification error. This issue was introduced in Botan 1.11.34 November 2016...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in Akka...
Leak in Aliyun KeySecret
Users of this library will be affected when using this library, the incoming secret will be disclosed unintentionally...
Batched HTTP requests may set incorrect `cache-control` response header
Impact In Apollo Server 3 and 4, the cache-control HTTP response header may not reflect the cache policy that should apply to an HTTP request when that HTTP request contains multiple operations using HTTP batching. This could lead to data being inappropriately cached and shared. Apollo Server...