Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
added 2022/02/11 12:0 a.m.97 views

Use of a Broken or Risky Cryptographic Algorithm

A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this i...

2.5CVSS2.4AI score0.00231EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/11 12:0 a.m.93 views

Use of a Broken or Risky Cryptographic Algorithm

A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code MAC, which then allows an attacker who has write access to the target's S3 bucket and can observe...

5.6CVSS3.8AI score0.00348EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/11 12:0 a.m.16 views

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pgfx-g6rc-8cjv. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a...

7.5CVSS7.1AI score0.01354EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/11 12:0 a.m.14 views

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w3f6-pc54-gfw7. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a...

7.5CVSS7.2AI score0.01119EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/11 12:0 a.m.12 views

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pgfx-g6rc-8cjv. This link is maintained to preserve external references. Original Description A program using swift-nio-http2 is vulnerable to a denial of service attack caused by a network peer sending ALTSVC o...

7.5CVSS7AI score0.01119EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/10 12:0 a.m.34 views

Incomplete Cleanup

An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse...

9.8CVSS2.8AI score0.01447EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/10 12:0 a.m.36 views

Improper Authentication

An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious user gain privileges. If captured, the TOTP code for the 2FA can be submitted correctly more than once...

9.8CVSS3.2AI score0.01319EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/10 12:0 a.m.46 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The hyperlinks functionality in atlaskit/editor-core in allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in link targets...

5.4CVSS4.7AI score0.01126EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/08 12:0 a.m.53 views

Incorrect Authorization

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

6.3CVSS4.9AI score0.09274EPSS
Exploits3References11Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/07 12:0 a.m.44 views

Server-Side Request Forgery (SSRF)

In Apache Traffic Control Traffic Ops, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...

7.5CVSS1.2AI score0.01978EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/07 12:0 a.m.71 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file...

7.7CVSS4.1AI score0.02693EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/07 12:0 a.m.72 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file...

7.7CVSS4.1AI score0.02693EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/06 12:0 a.m.20 views

Server-Side Request Forgery (SSRF)

In Apache Traffic Control Traffic Ops, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach...

7.5CVSS1.2AI score0.01978EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/02 12:0 a.m.81 views

Time-of-check Time-of-use (TOCTOU) Race Condition

As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Services, Pods, Nodes, or StorageClass service providers. As part of this mitigation Kubernetes does a...

6.3CVSS1.3AI score0.03679EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/02/01 12:0 a.m.93 views

Observable Response Discrepancy in Flask-AppBuilder

User enumeration in database authentication in Flask-AppBuilder 3.4.4. Allows for a non authenticated user to enumerate existing accounts by timing the response time from the server when you are logging in...

5.3CVSS5AI score0.00953EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/25 12:0 a.m.31 views

Authentication Bypass by Primary Weakness

Authentication Bypass by Primary Weakness exists in adodb/adodb...

9.1CVSS3AI score0.0217EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/13 12:0 a.m.60 views

Lookup operations do not take into account wildcards in SpiceDB

SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under the right hand branch of an exclusion or within an intersection operation will see Lookup/LookupResources return a resource as "accessible" if it is not...

8.1CVSS0.6AI score0.01472EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/12 12:0 a.m.31 views

Out-of-bounds Write

GNOME gdk-pixbuf is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals 12...

8.8CVSS3.1AI score0.01891EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/08 12:0 a.m.31 views

ANSI escape characters not filtered

kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events...

3CVSS2.4AI score0.00778EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.5 views

Use of Uninitialized Resource in acc_reader.

An issue was discovered in the accreader crate through 2020-12-27 for Rust. readupto may read from uninitialized memory locations...

9.8CVSS7.2AI score0.01191EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.7 views

Use of Uninitialized Resource in acc_reader.

An issue was discovered in the accreader crate through 2020-12-27 for Rust. fillbuf may read from uninitialized memory locations...

9.8CVSS7.2AI score0.01191EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.5 views

Out-of-bounds Write in actix-web

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...

9.8CVSS7.2AI score0.01288EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.8 views

Out-of-bounds Write in actix-web

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption...

9.8CVSS7.2AI score0.01324EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.4 views

Out-of-bounds Write in actix-web

An issue was discovered in the actix-web crate before 0.7.19 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption...

9.8CVSS7.8AI score0.01288EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.45 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ajax.NET Professional AjaxPro is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to JavaScript object injection which may result in cross site scripting when leveraged by a malicious user. The affected core relates to JavaScript object creation...

8.7CVSS2.1AI score0.00824EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.26 views

Abomonation transmutes &T to and from &[u8] without sufficient constraints

An issue was discovered in the abomonation crate through version 0.7.3 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

7.5CVSS7.1AI score0.00972EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/06 12:0 a.m.37 views

Allocation of Resources Without Limits or Throttling in Apache Avro

A vulnerability in the .NET SDK of Apache Avro allows an attacker to allocate excessive resources, potentially causing a denial-of-service attack. This issue affects .NET applications using Apache Avro and prior versions. Users should update to which addresses this issue...

7.5CVSS5.4AI score0.0296EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/05 12:0 a.m.21 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross Site Scripting XSS vulnerability exits in Anchor CMS =0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose of obtaining the administrator cookie, thereby achieving other malicious operations...

6.1CVSS2.6AI score0.00746EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/02 12:0 a.m.30 views

Uncontrolled Resource Consumption

net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests...

7.5CVSS3.1AI score0.03958EPSS
Exploits0References10Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/01 12:0 a.m.35 views

Out-of-bounds Write

GDAL has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment...

5.5CVSS3AI score0.01491EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/01 12:0 a.m.51 views

Out-of-bounds Write

Open Asset Import Library aka assimp has a heap-based buffer overflow in m3dsafestr called from m3dload and Assimp::M3DWrapper::M3DWrapper...

5.5CVSS3.3AI score0.00942EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/01/01 12:0 a.m.24 views

Out-of-bounds Write

HarfBuzz has an out-of-bounds write in hbbitsetinvertiblet::set called from hbsparsesett::set and hbsetcopy...

6.5CVSS0.7AI score0.0178EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/22 12:0 a.m.83 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Ajax.Releases are affected. A workaround exists that replaces one of the core JavaScript files embedded in the library. See the GHSA-5q7q-qqw2-hjq7 for workaround details...

8.7CVSS1.3AI score0.00824EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/20 12:0 a.m.51 views

Improper Authentication

Authelia is a a single sign-on multi-factor portal for web apps. This affects uses who are using nginx ngxhttpauthrequestmodule with Authelia, it allows a malicious individual who crafts a malformed HTTP request to bypass the authentication mechanism. It additionally could theoretically affect...

10CVSS1.4AI score0.01868EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/20 12:0 a.m.35 views

Excessive Platform Resource Consumption within a Loop in Kubernetes

Abusively constructed YAML payload can significantly reduce parsing performance potentially leading to DoS...

6.5CVSS3AI score0.0236EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/17 12:0 a.m.33 views

Deserialization of Untrusted Data

In logback version 1.2.9 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers...

8.5CVSS7.6AI score0.04439EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/16 12:0 a.m.11 views

Duplicate Advisory: Remote Code Execution in AjaxNetProfessional

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-6r7c-6w96-8pvw. This link is maintained to preserve external references. Original Description All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of...

9.8CVSS8.8AI score0.88768EPSS
Exploits2References6
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/16 12:0 a.m.48 views

Incorrect Permission Assignment for Critical Resource

When ORT now via atstccfg generates ipallow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers. Additionally, these permissions are...

5.8CVSS3.1AI score0.03928EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/16 12:0 a.m.27 views

URL Redirection to Untrusted Site ('Open Redirect')

The Auth0 Next.js does not filter out certain returnTo parameter values from the login url, which expose the application to an open redirect vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue...

6.4CVSS3.2AI score0.00656EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/16 12:0 a.m.39 views

Incorrect Authorization

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the No...

6.5CVSS4AI score0.05524EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/09 12:0 a.m.57 views

Observable Discrepancy

Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumeration vulnerability which allowed attackers to determine the usernames of valid non-SSO accounts because /api/v1/session returned 401 for an existing username and 404 otherwise...

5.3CVSS4.9AI score0.01924EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/09 12:0 a.m.64 views

Improper Authentication in Flask-AppBuilder

Improper authentication on the REST API. Allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. Only affects non database authentication types, and new REST API endpoints...

8.8CVSS8.5AI score0.0125EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/07 12:0 a.m.21 views

Remote Code Execution in AjaxNetProfessional

Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or database or can be sent through streams. The reverse process of creating object from sequence of bytes is called deserialization. Serialization is commonly used for communication sharin...

9.8CVSS9.2AI score0.88768EPSS
Exploits2References6
GitLab Advisory Database
GitLab Advisory Database
added 2021/12/07 12:0 a.m.19 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in AjaxNetProfessional...

9.8CVSS3.5AI score0.88768EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/23 12:0 a.m.89 views

Improper Certificate Validation

The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority CA to the root CAs instead of overriding it on Unix systems. TLS handshakes will thus succeed if the peer can be verified either from the user-supplied CA or the system’s default trust-store...

8.8CVSS2.2AI score0.00375EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/23 12:0 a.m.55 views

Improper Certificate Validation

The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority CA to the root CAs instead of overriding it on macOS systems. Additionally, SNI validation is also not enabled when the CA has been “overridden”. TLS handshakes will thus succeed if the peer...

7.2CVSS1.9AI score0.00611EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/23 12:0 a.m.38 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

6.8CVSS6.1AI score0.02617EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/23 12:0 a.m.54 views

Improper Certificate Validation

Connections initialized by the AWS IoT Device SDK v2 for Java, Python , C++ and Node.js does not verify server certificate hostname during TLS handshake when overriding Certificate Authorities CA in their trust stores on MacOS. This issue has been addressed in aws-c-io submodule onward. This issu...

8.8CVSS2.1AI score0.00375EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/23 12:0 a.m.45 views

Improper Certificate Validation

Connections initialized by the AWS IoT Device SDK v2 for Java, Python , C++ and Node.js does not verify server certificate hostname during TLS handshake when overriding Certificate Authorities CA in their trust stores on Windows. This issue has been addressed in aws-c-io submodule onward. This...

8.8CVSS2.8AI score0.00398EPSS
Exploits0References6
GitLab Advisory Database
GitLab Advisory Database
added 2021/11/13 12:0 a.m.26 views

Cross-Site Request Forgery (CSRF)

twill is vulnerable to Cross-Site Request Forgery CSRF...

6.3CVSS3.7AI score0.00393EPSS
Exploits1References3Affected Software1
Total number of security vulnerabilities1518