5616 matches found
WeasyPrint has a Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect
SummaryA Server-Side Request Forgery SSRF Protection Bypass exists in WeasyPrint's defaulturlfetcher. The vulnerability allows attackers to access internal network resources such as localhost services or cloud metadata endpoints even when a developer has implemented a custom urlfetcher to block...
pyasn1 has a DoS vulnerability in decoder
SummaryAfter reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. DetailsThe integer issue can be found in the decoder as reloid += subId 7 + nextSubId,:...
Chainlit contain a server-side request forgery (SSRF) vulnerability
Chainlit versions prior to 2.9.4 contain a server-side request forgery SSRF vulnerability in the /project/element update flow when configured with the SQLAlchemy data layer backend. An authenticated client can provide a user-controlled url value in an Element, which is fetched by the SQLAlchemy...
pytest has vulnerable tmpdir handling
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges...
Swing Music has a Directory Traversal & Filesystem can be accessed by a non-admin user
SummarySwing Music's listfolders function in the /folder/dir-browser endpoint is vulnerable to directory traversal attacks. Any authenticated user including non-admin can browse arbitrary directories on the server filesystem. DetailsThe @api.post"/dir-browser" endpoint lacks proper path validatio...
hermes's raw options logging may disclose secrets passed in via subcommand options argument
Thanks, @thunze for reporting this!hermes subcommands take arbitrary options under the -O argument. These have been logged in raw form since https://github.com/softwarepub/hermes/commit/7f64f102e916c76dc44404b77ab2a80f5a4e59b1 in:...
GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS
SummaryGuardDog's safeextract function does not validate decompressed file sizes when extracting ZIP archives wheels, eggs, allowing attackers to cause denial of service through zip bombs. A malicious package can consume gigabytes of disk space from a few megabytes of compressed data. Vulnerabili...
GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE
SummaryA path traversal vulnerability exists in GuardDog's safeextract function that allows malicious PyPI packages to write arbitrary files outside the intended extraction directory, leading to Arbitrary File Overwrite and Remote Code Execution on systems running GuardDog.CWE: CWE-22 Improper...
Azure Core is vulnerable to deserialization of untrusted data
Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network...
Weblate wlc path traversal vulnerability: Unsanitized API slugs in download command
ImpactMulti-translation download could write to an arbitrary location when instructed by a crafted server. Patches https://github.com/WeblateOrg/wlc/pull/1128 WorkaroundsDo not use wlc download with untrusted servers. ReferencesThis issue was reported to us by wh1zee via HackerOne...
Weblate wlc has insecure API key configuration
ImpactHistorically, wlc supported providing unscoped API keys in the setting. This practice was discouraged for years, but the code was never removed. This might cause the API key to be used against different server. Patches https://github.com/WeblateOrg/wlc/pull/1098 WorkaroundsRemove unscoped k...
BlackSheep's ClientSession is vulnerable to CRLF injection
ImpactThe HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new header or even create a new HTTP request.Exploitation requires developers to pass unsanitized user input...
Weblate leaks information via screenshots
ImpactThe screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. Patches https://github.com/WeblateOrg/weblate/pull/17516 ReferencesThanks to Lukas May and Michael Leu f...
Label Studio is vulnerable to full account takeover by chaining Stored XSS + IDOR in User Profile via custom_hotkeys field
PrologueThese vulnerabilities have been found and chained by DCODX-AI. Validation of the exploit chain has been confirmed manually. SummaryA persistent stored cross-site scripting XSS vulnerability exists in the customhotkeys functionality of the application. An authenticated attacker or one who...
jaraco.context Has a Path Traversal Vulnerability
SummaryThere is a Zip Slip path traversal vulnerability in the jaraco.context package affecting setuptools as well, in jaraco.context.tarball function. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed.The...
filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
Vulnerability SummaryTitle: Time-of-Check-Time-of-Use TOCTOU Symlink Vulnerability in SoftFileLockAffected Component: filelock package - SoftFileLock classFile: src/filelock/soft.py lines 17-27CWE: CWE-362, CWE-367, CWE-59--- DescriptionA TOCTOU race condition vulnerability exists in the...
Authlib has 1-click Account Takeover vulnerability
Security Advisory: Cache-Backed State Storage CSRF in AuthlibThe Security Labs team at Snyk has reported a security issue affecting Authlib, identified during a recent research project.The Snyk Security Labs team has identified a vulnerability that can result in a one-click account takeover in...
NiceGUI is vulnerable to XSS via Unescaped URL in ui.navigate.history.push() / replace()
SummaryXSS risk exists in NiceGUI when developers pass attacker-controlled strings into ui.navigate.history.push or ui.navigate.history.replace. These helpers are documented as History API wrappers for updating the browser URL without page reload. However, if the URL argument is embedded into...
Fickling has a bypass via runpy.run_path() and runpy.run_module()
Fickling's assessmentrunpy was added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/9a2b3f89bd0598b528d62c10a64c1986fcb09f66. Original report SummaryFickling versions up to and including 0.1.6 do not treat Python’s runpy module as unsafe. Because of this, a malicious...
Fickling vulnerable to detection bypass due to "builtins" blindness
Fickling's assessmentFickling started emitting AST nodes for builtins imports in order to match them during analysis https://github.com/trailofbits/fickling/commit/9f309ab834797f280cb5143a2f6f987579fa7cdf. Original report SummaryFickling works byPickle bytecode -- AST -- Security analysisHowever...
Fickling has Static Analysis Bypass via Incomplete Dangerous Module Blocklist
Fickling's assessmentctypes, importlib, runpy, code and multiprocessing were added the list of unsafe imports https://github.com/trailofbits/fickling/commit/9a2b3f89bd0598b528d62c10a64c1986fcb09f66, https://github.com/trailofbits/fickling/commit/eb299b453342f1931c787bcb3bc33f3a03a173f9,...
AcademySoftwareFoundation OpenColorIO has an out-of-bounds vulnerability
A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...
Fickling vulnerable to use of ctypes and pydoc gadget chain to bypass detection
Fickling's assessmentpydoc and ctypes were added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/b793563e60a5e039c5837b09d7f4f6b92e6040d1. Original report SummaryBoth ctypes and pydoc modules arent explictly blocked. Even other existing pickle scanning tools like...
pypdf has possible long runtimes for malformed startxref
ImpactAn attacker who exploits this vulnerability can craft a PDF which leads to possibly long runtimes for invalid startxref entries. When rebuilding the cross-reference table, PDF files with lots of whitespace characters become problematic. Only the non-strict reading mode is affected...
pypdf has possible long runtimes for missing /Root object with large /Size values
ImpactAn attacker who exploits this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files. This can be achieved by omitting the /Root entry in the trailer, while using a rather large /Size value. Only the non-strict reading mode is affected. PatchesThis ha...
LIEF is vulnerable to segmentation fault
A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parsebinary of the file src/ELF/Parser.tcc of the component ELF Binary Parser. The manipulation results in null pointer dereference. The attack must be initiated from a local...
NiceGUI apps are vulnerable to XSS which uses `ui.sub_pages` and render arbitrary user-provided links
SummaryAn unsafe implementation in the click event listener used by ui.subpages, combined with attacker-controlled link rendering on the page, causes an XSS when the user actively clicks on the link. Details1. On click, eventually subpagesnavigate event is...
Werkzeug safe_join() allows Windows special device names with compound extensions
Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory. Windows still accepts them with any file extensio...
Fickling Blocklist Bypass: cProfile.run()
Fickling's assessmentcProfile was added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/dc8ae12966edee27a78fe05c5745171a2b138d43. Original report Description SummaryFickling versions up to and including 0.1.6 do not treat Python's cProfile module as unsafe. Because of...
NiceGUI apps which use `ui.sub_pages` vulnerable to zero-click XSS
SummaryAn unsafe implementation in the pushstate event listener used by ui.subpages allows an attacker to manipulate the fragment identifier of the URL, which they can do despite being cross-site, using an iframe. DetailsThe problem is traced as follows:1. On pushstate, handleStateEvent is...
NiceGUI has Redis connection leak via tab storage causes service degradation
SummaryAn unauthenticated attacker can exhaust Redis connections by repeatedly opening and closing browser tabs on any NiceGUI application using Redis-backed storage. Connections are never released, leading to service degradation when Redis hits its connection limit.NiceGUI continues accepting ne...
Parsl Monitoring Visualization Vulnerable to SQL Injection
Affected Product: Parsl Python Parallel Scripting LibraryComponent: parsl.monitoring.visualizationVulnerability Type: SQL Injection CWE-89Severity: High CVSS Rating Recommended: 7.5 - 8.6URL: https://github.com/Parsl/parsl/blob/master/parsl/monitoring/visualization/views.pySummaryA SQL Injection...
records-mover Injection vulnerability
A weakness has been identified in bluelabsio records-mover up to 1.5.4. The affected element is an unknown function of the component Table Object Handler. This manipulation causes SQL Injection. The attack needs to be launched locally. Upgrading to version 1.6.0 is sufficient to fix this issue...
AIOHTTP Vulnerable to Cookie Parser Warning Storm
SummaryReading multiple invalid cookies can lead to a logging storm. ImpactIf the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header.----Patch:...
picklescan has Arbitrary file read using `io.FileIO`
SummaryUnsafe pickle deserialization allows unauthenticated attackers to read arbitrary server files and perform SSRF. By chaining io.FileIO and urllib.request.urlopen, an attacker can bypass RCE-focused blocklists to exfiltrate sensitive data example: /etc/passwd to an external server. DetailsTh...
loggingredactor converts non-string types to string types in logs
ImpactNon-string types are converted into string types, leading to type errors in %d conversions. PatchesThe problem has been patched in version 0.0.6. WorkaroundsNone without patching. ResourcesIssue report: https://github.com/armurox/loggingredactor/issues/7Release:...
MONAI has Path Traversal (Zip Slip) in NGC Private Bundle Download
SummaryA Path Traversal Zip Slip vulnerability exists in MONAI's downloadfromngcprivate function. The function uses zipfile.ZipFile.extractall without path validation, while other similar download functions in the same codebase properly use the existing safeextractmember function.This appears to ...
AIOHTTP vulnerable to DoS through chunked messages
SummaryHandling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. ImpactIf an application makes use of the request.read method in an endpoint, it may be possible for an attacker to cause the server to spend a moderate amount of blocking CPU ti...
AIOHTTP vulnerable to denial of service through large payloads
SummaryA request can be crafted in such a way that an aiohttp server's memory fills up uncontrollably during processing. ImpactIf an application includes a handler that uses the Request.post method, an attacker may be able to freeze the server by exhausting the memory.-----Patch:...
Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)
Impacturllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once.urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header e.g., gzip,...
Bokeh server applications have Incomplete Origin Validation in WebSockets
This vulnerability allows for Cross-Site WebSocket Hijacking CSWSH of a deployed Bokeh server instance. ScopeThis vulnerability is only relevant to deployed Bokeh server instances. There is no impact on static HTML output, standalone embedded plots, or Jupyter notebook usage. This vulnerability...
AIOHTTP vulnerable to DoS when bypassing asserts
SummaryWhen assert statements are bypassed, an infinite loop can occur, resulting in a DoS attack when processing a POST body. ImpactIf optimisations are enabled -O or PYTHONOPTIMIZE=1, and the application includes a handler that uses the Request.post method, then an attacker may be able to execu...
AIOHTTP's unicode processing of header values could cause parsing discrepancies
SummaryThe Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. ImpactIf a pure Python version of aiohttp is installed i.e. without the usual C extensions or AIOHTTPNOEXTENSIONS is enabled, then an attacker may be able to execute a request smuggling...
AIOHTTP has unicode match groups in regexes for ASCII protocol elements
SummaryThe parser allows non-ASCII decimals to be present in the Range header. ImpactThere is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability.----Patch:...
AIOHTTP vulnerable to brute-force leak of internal static file path components
SummaryPath normalization for static files prevents path traversal, but opens up the ability for an attacker to ascertain theexistence of absolute path components. ImpactIf an application uses web.static not recommended for production deployments, it may be possible for an attacker to ascertain t...
Picklescan is vulnerable to RCE through missing detection when calling numpy.f2py.crackfortran._eval_length
SummaryPicklescan uses the numpy.f2py.crackfortran.evallength function a NumPy F2PY helper to execute arbitrary Python code during unpickling. DetailsPicklescan fails to detect a malicious pickle that uses the gadget numpy.f2py.crackfortran.evallength in reduce, allowing arbitrary command executi...
lmdeploy vulnerable to Arbitrary Code Execution via Insecure Deserialization in torch.load()
SummaryAn insecure deserialization vulnerability exists in lmdeploy where torch.load is called without the weightsonly=True parameter when loading model checkpoint files. This allows an attacker to execute arbitrary code on the victim's machine when they load a malicious .bin or .pt model file.CW...
Feast vulnerable to Deserialization of Untrusted Data
A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at feast/sdk/python/feast/infra/computeengines/kubernetes/main.py. The vulnerability arises from the use of yaml.load..., Loader=yaml.Loader to...
AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb
SummaryA zip bomb can be used to execute a DoS against the aiohttp server. ImpactAn attacker may be able to send a compressed request that when decompressed by aiohttp could exhaust the host's memory.------Patch: https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a...
Picklescan has Incomplete List of Disallowed Inputs
SummaryCurrently picklescanner only blocks some specific functions of the pydoc and operator modules. Attackers can use other functions within these allowed modules to go through undetected and achieve RCE on the final user. Particularly pydoc.locate: Can dynamically resolve and import arbitrary...