36144 matches found
Cross-site Scripting (XSS)
Overview getgrav/grav is a Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the page editor process. An attacker can execute arbitrary scripts and potentially gain system access by injecting...
Deserialization of Untrusted Data
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the idlelib.pyshell.ModifiedInterpreter.runcode process. An attacker can execute arbitrary commands by...
Race Condition
Overview Affected versions of this package are vulnerable to Race Condition through the proxyCSSRewriter process. An attacker can cause the application to crash by triggering concurrent access to shared resources, resulting in a denial of service. Remediation Upgrade...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the LinkCheck process due to incomplete validation of IPv6 transition mechanisms. An attacker can access internal network resources by submitting specially crafted requests that exploit the insufficie...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the Webhook URL handling process. An attacker can access internal network resources or sensitive endpoints by supplying a crafted URL. Remediation There is no fixed version for...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via the file processing mechanism. An attacker can write arbitrary files to the filesystem by exploiting a case-insensitive bypass and missing checks for HardLink/SymLink tags. Remediation There is no fixed version for...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack via the file processing mechanism. An attacker can write arbitrary files to the filesystem by exploiting a case-insensitive bypass and missing checks for HardLink/SymLink tags. Remediation Upgrade...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the PATCH process for public shares. An attacker can access or modify files outside the intended shared directory by crafting malicious requests that exploit improper path validation. Details A Directory Traversa...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through the dump process when handling attacker-controlled message IDs via the --http interface. An attacker can write arbitrary files to the filesystem by supplying crafted message IDs that exploit path traversal...
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the authentication process when using Basic Auth with LDAP. An attacker can bypass intended authentication controls by supplying usernames with different letter casing, potentially gaining...
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the authentication process when using Basic Auth with LDAP. An attacker can bypass intended authentication controls by supplying usernames with different letter casing, potentially gaining...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the HTML processing component due to a missing IP-filter dialer. An attacker can access internal network resources by crafting malicious HTML content that triggers requests to private, loopback, or IM...
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the authentication process when using Basic Auth with LDAP. An attacker can bypass intended authentication controls by supplying usernames with different letter casing, potentially gaining...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the HTML processing component due to a missing IP-filter dialer. An attacker can access internal network resources by crafting malicious HTML content that triggers requests to private, loopback, or IM...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the HTML processing component due to a missing IP-filter dialer. An attacker can access internal network resources by crafting malicious HTML content that triggers requests to private, loopback, or IM...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the process handling Gateway resources when the konghq.com/gatewayclass-unmanaged: 'true' annotation is missing. An attacker can access TLS secrets from other namespaces by creating or modifying Gateway resources...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the process handling Gateway resources when the konghq.com/gatewayclass-unmanaged: 'true' annotation is missing. An attacker can access TLS secrets from other namespaces by creating or modifying Gateway resources...
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect via the redirect parameter. An attacker can redirect users to arbitrary external sites by crafting a malicious URL. Remediation There is no fixed version for github.com/casdoor/casdoor/object. References - Go Advisory...
Improper Handling of Case Sensitivity
Overview Affected versions of this package are vulnerable to Improper Handling of Case Sensitivity in the authentication process when using Basic Auth with LDAP. An attacker can bypass intended authentication controls by supplying usernames with different letter casing, potentially gaining...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the selector lexer process. An attacker can cause a panic and potentially disrupt service availability by providing a quoted string with a trailing backslash. Remediation There is no fixed version...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the selector lexer process. An attacker can cause a panic and potentially disrupt service availability by providing a quoted string with a trailing backslash. Remediation There is no fixed version...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop due to an infinite loop in the selector lexer process when handling an unterminated regex literal. An attacker can cause the application to become unresponsive by providing specially crafted input that triggers the infinit...
Infinite loop
Overview Affected versions of this package are vulnerable to Infinite loop due to an infinite loop in the selector lexer process when handling an unterminated regex literal. An attacker can cause the application to become unresponsive by providing specially crafted input that triggers the infinit...
Directory Traversal
Overview pynetdicom is an A Python implementation of the DICOM networking protocol Affected versions of this package are vulnerable to Directory Traversal via the qrscp application's C-STORE handler, which uses attacker-supplied DICOM dataset values directly in os.path.join without sanitization. ...
Server-side Request Forgery (SSRF)
Overview lemur is a Certificate management and orchestration service Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the improper handling of user-supplied URLs in the acmeurl parameter, lack of access control in the certificate key-fetch process, and...
Improper Verification of Cryptographic Signature
Overview lemur is a Certificate management and orchestration service Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the decodewithmultiplesecrets process. An attacker can influence the cryptographic algorithm used for token verification by...
Credential Exposure
Overview lemur is a Certificate management and orchestration service Affected versions of this package are vulnerable to Credential Exposure due to the improper handling of password updates in the update function. An attacker can obtain plaintext credentials by exfiltrating the users table,...
Incorrect Authorization
Overview lemur is a Certificate management and orchestration service Affected versions of this package are vulnerable to Incorrect Authorization in the PUT /api/1/roles/ process. An attacker can modify role membership and rename roles by sending crafted requests to the affected endpoint while bei...
Server-side Request Forgery (SSRF)
Overview lemur is a Certificate management and orchestration service Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the verifystring process when extracting CRL Distribution Point and OCSP responder URLs from uploaded certificate extensions. An attacker ca...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Package.Unmarshal function. An attacker can cause the server to exhaust system memory and crash by submitting a specially crafted gzip-compressed APK payload with a high...
Allocation of Resources Without Limits or Throttling
Overview github.com/sigstore/rekor/pkg/types/alpine is an immutable tamper resistant ledger of metadata generated within a software projects supply chain Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the Package.Unmarshal function. An...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass in the GetInstance process. An attacker can access or modify resources belonging to other users by sending requests with their own credentials after another user has initialized the singleton, causing all subsequen...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass in the GetInstance process. An attacker can access or modify resources belonging to other users by sending requests with their own credentials after another user has initialized the singleton, causing all subsequen...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass in the GetInstance process. An attacker can access or modify resources belonging to other users by sending requests with their own credentials after another user has initialized the singleton, causing all subsequen...
Deserialization of Untrusted Data
Overview MessagePack is a MessagePackMsgPack Serializer for C.NET, .NET Core, Unity, Xamarin. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the typeless deserialization process. An attacker can instantiate disallowed or dangerous types by wrapping them...
Inefficient Algorithmic Complexity
Overview MessagePack is a MessagePackMsgPack Serializer for C.NET, .NET Core, Unity, Xamarin. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the InterfaceLookupFormatter process. An attacker can cause excessive CPU consumption by supplying specially...
Allocation of Resources Without Limits or Throttling
Overview MessagePack is a MessagePackMsgPack Serializer for C.NET, .NET Core, Unity, Xamarin. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the deserialization process for multi-dimensional arrays. An attacker can cause excessive memor...
Allocation of Resources Without Limits or Throttling
Overview MessagePack is a MessagePackMsgPack Serializer for C.NET, .NET Core, Unity, Xamarin. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the Deserialize function. An attacker can cause excessive memory allocation or process...
Uncontrolled Recursion
Overview MessagePack is a MessagePackMsgPack Serializer for C.NET, .NET Core, Unity, Xamarin. Affected versions of this package are vulnerable to Uncontrolled Recursion in the DynamicUnionResolver.BuildDeserialize process. An attacker can cause a process crash by providing a specially crafted uni...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the absence of a restriction on tile sizes in the TIFF image decoding process. An attacker can cause excessive memory consumption by providing a specially crafted image file wi...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the absence of a restriction on tile sizes in the TIFF image decoding process. An attacker can cause excessive memory consumption by providing a specially crafted image file wi...
Uncaught Exception
Overview golang.org/x/image/webp is a Package webp implements a decoder for WEBP images. Affected versions of this package are vulnerable to Uncaught Exception in the webp decoder when processing a VP8 chunk with dimensions that do not match the canvas size. An attacker can cause a denial of...
Uncaught Exception
Overview Affected versions of this package are vulnerable to Uncaught Exception in the webp decoder when processing a VP8 chunk with dimensions that do not match the canvas size. An attacker can cause a denial of service by supplying a crafted WebP image that triggers a panic during decoding...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass via the router process in the S3 and Iceberg REST gateways when path cleaning is disabled. An attacker can gain unauthorized access to resources in other buckets by crafting requests containing .. segments in the...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass via the router process in the S3 and Iceberg REST gateways when path cleaning is disabled. An attacker can gain unauthorized access to resources in other buckets by crafting requests containing .. segments in the...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass via the router process in the S3 and Iceberg REST gateways when path cleaning is disabled. An attacker can gain unauthorized access to resources in other buckets by crafting requests containing .. segments in the...
Uncontrolled Recursion
Overview MessagePack is a MessagePackMsgPack Serializer for C.NET, .NET Core, Unity, Xamarin. Affected versions of this package are vulnerable to Uncontrolled Recursion in the JSON conversion process. An attacker can cause the application to exhaust the process stack and terminate unexpectedly by...
Inefficient Algorithmic Complexity
Overview MessagePack is a MessagePackMsgPack Serializer for C.NET, .NET Core, Unity, Xamarin. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the ExpandoObjectFormatter.Deserialize process. An attacker can cause excessive CPU consumption and memory...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the Hook Authentication process. An attacker can execute arbitrary operating system commands by injecting shell metacharacters into the username or password fields during login. Remediation Upgrade...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the Hook Authentication process. An attacker can execute arbitrary operating system commands by injecting shell metacharacters into the username or password fields during login. Remediation There is no fixed versio...