Impact
The ServiceBus server on the edge side may be susceptible to a DoS attack if an HTTP request containing a very large body is sent to it.
The node can be exhausted of memory as a result. The consequence of the exhaustion is that other servi…
[org.springframework.boot:spring-boot] Temporary Directory Hijacking to Local Privilege Escalation Vulnerability in org.springframework.boot:spring-boot
spring-boot versions prior to v2.2.11.RELEASE were vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method.
The vulnerable method …
[microweber/microweber] Microweber before v1.2.20 vulnerable to cross-site scripting
Prior to Microweber v1.2.20, due to improper neutralization of input, an attacker can steal tokens to perform cross-site request forgery (CSRF), fetch contents from same-site and redirect a user.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-23…
[idno/known] Known v1.3.1 contains Insecure Direct Object Reference
Known v1.3.1 was discovered to contain an Insecure Direct Object Reference (IDOR).
The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last version tagged on GitHub and in Packagist, and development relate…
[idno/known] Known vulnerable to account takeover via host header injection attack in v1.3.1
Known v1.3.1 was discovered to allow attackers to perform an account takeover via a host header injection attack.
The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last version tagged on GitHub and in Pa…
[idno/known] Known vulnerable to code execution via SVG file in v1.3.1
An issue in the isSVG() function of Known v1.3.1 allows attackers to execute arbitrary code via a crafted SVG file.
The researcher report indicates that versions 1.3.1 and prior are vulnerable. Version 1.2.2 is the last version tagged on GitHub and in …
[idno/known] Known v1.3.1 Cross-site Scripting
A cross-site scripting (XSS) vulnerability in Known v1.3.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field.
The researcher report indicates that versions 1.3.1 and pri…
[rpc.py] rpc.py 0.6.0 vulnerable to Deserialization of Untrusted Data
rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the “serializer: pickle” HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be pr…
[github.com/hyperledger/fabric/orderer/common/cluster] Improper Input Validation in orderer/common/cluster consensus request
Impact
If a consensus client sends a malformed consensus request to an orderer, it may crash the orderer node.
This fix checks for the malformed consensus request and returns an error to the consensus client.
Patches
Fixed in v2.2.7 and v2.4.5.
Workarou…
[github.com/openshift/origin] Insecure cookies in Openshift Origin
In OpenShift Origin, the cookies set by the console have neither the ‘secure’ nor the ‘HttpOnly’ attribute.
References
https://nvd.nist.gov/vuln/detail/CVE-2015-3207
https://github.com/openshift/origin/pull/2261
https://github.com/openshift/origin/pull/2291
https:/…