The mirroring support (-M, –use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks.
References
https://nvd.nist.gov/vuln/detail/CVE-2013-5123
https://bugzil…
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with ‘<span color=”‘ followed by arbitrary Python code.
References
https://nvd.nist.gov/vuln/detail/CVE-2019…
An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka ‘ASP.NET Core Elevation Of Privilege Vulnerability’.
References
https://nvd.ni…
ServiceStack ServiceStack Framework 4.5.14 is affected by: Cross Site Scripting (XSS). The impact is: JavaScrpit is reflected in the server response, hence executed by the browser. The component is: the query used in the GET request is prone. The attac…
Impact
Token comparison was not constant time, and could theorically be used to guess value of an TOTP token, and thus reuse it in the same time window. The attacker would have to know the password beforehand nonetheless.
Patches
Library now used const…
Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-42250
https://lists.ap…
Apache Superset up to and including 1.3.1 allowed for database connections password leak for authenticated users. This information could be accessed in a non-trivial way.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-41972
https://lists.apache….
Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.
References
https://nv…
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @R…
The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quo…
