A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the applica…
[org.jboss:jboss-ejb-client] Exposure of Sensitive Information to an Unauthorized Actor in JBoss EJB Client
A flaw was found in wildfly. The JBoss EJB client has publicly accessible privileged actions which may lead to information disclosure on the server it is deployed on. The highest threat from this vulnerability is to data confidentiality.
References
ht…
[salt] Command Injection in SaltStack Salt
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and…
[@azure/ms-rest-nodeauth] Improper Privilege Management in Azure ms-rest-nodeauth
Azure ms-rest-nodeauth Library Elevation of Privilege Vulnerability
References
https://nvd.nist.gov/vuln/detail/CVE-2021-28458
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28458
https://github.com/advisories/GHSA-qpfw-4m…
[io.fabric8:kubernetes-client] Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client copy command to extract files outside the working path. The highest threa…
[scratchpad] move_elements can double-free objects on panic
An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-28031
https://rustsec.org/advisor…
[vscode-npm-script] Remote code execution in vscode-npm-script
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
References
https://nvd.nist.gov/vuln/detail/CVE-2021-26700
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26700
https://github.com/advisories/GHSA…
[jsdom] Insufficient Granularity of Access Control in JSDom
JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-20066
https://www.tenable.com/securit…
[qwutils] insert_slice_clone can double drop if Clone panics.
An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-26954
https://rustsec.org/advisories/RUSTSEC-2021-0018.ht…
[org.elasticsearch:elasticsearch] Insertion of Sensitive Information into Log File in Elasticsearch
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authenticati…