Underground News

Author: GitHub

925 Posts

Featured

Posted by GitHub
[github.com/sigstore/cosign] cosign's `cosign verify-attestation --type` can report a false positive if any attestation exists
Posted by GitHub
[github.com/sigstore/policy-controller] PolicyController before 0.2.1 may bypass attestation verification
Posted by GitHub
[nbconvert] nbconvert vulnerable to cross-site scripting (XSS) via multiple exploit paths
Posted by GitHub
[owning_ref] owning_ref vulnerable to multiple soundness issues

[sanic] sanic vulnerable to Path Traversal

  • Posted in severity
  • Posted by GitHub
  • 08/06/2022

Impact
Access to lateral directories when using app.static if using encoded %2F URLs. Parent directory traversal is not impacted.

Patches

v20.12.7 (LTS)
v21.12.2 (LTS)
v22.6.1

References
https://github.com/sanic-org/sanic/issues/2478
https://github.c…

[fof/byobu] Byobu user preference to prevent private discussions being started are not respected

  • Posted in severity
  • Posted by GitHub
  • 08/06/2022

Impact
Users electing to prevent others starting private discussions with themselves.

Please note that admins and others with appropriate permissions can always bypass this preference, as was the case before.

Patches
Users of Byobu should update the …

[websocket] Rust-WebSocket memory allocation based on untrusted length

  • Posted in severity
  • Posted by GitHub
  • 08/06/2022

Impact
Untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server.
The root cause of the issue is during dataframe parsing.
Affected versions would allocate a buffer based on the declared dataframe size, whic…

[node-latex-pdf] node-latex-pdf is susceptible to command injection

  • Posted in critical
  • Posted by GitHub
  • 08/03/2022 / 08/11/2022

A command injection vulnerability affects all versions of the package node-latex-pdf.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-28433
https://security.snyk.io/vuln/SNYK-JS-NODELATEXPDF-1050426
https://github.com/advisories/GHSA-32fw-9wq8-9x…

[gitblame] gitblame susceptible to command injection

  • Posted in critical
  • Posted by GitHub
  • 08/03/2022 / 08/11/2022

A command injection vulnerability affects all versions of the package gitblame. The injection point is located at line 15 of lib/gitblame.js.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-28434
https://security.snyk.io/vuln/SNYK-JS-GITBLAME-1050430…

[heroku-env] heroku-env susceptible to command injection

  • Posted in critical
  • Posted by GitHub
  • 08/03/2022 / 08/11/2022

A command injection vulnerability affects all versions of the package heroku-env. The injection point is located in lib/get.js, which is required by index.js.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-28437
https://security.snyk.io/vuln/SNYK-JS-…

[get-npm-package-version] get-npm-package-version Command Injection vulnerability

  • Posted in critical
  • Posted by GitHub
  • 08/03/2022 / 08/11/2022

The package get-npm-package-version before 1.0.7 is vulnerable to Command Injection via the main function in index.js.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-7795
https://github.com/hoperyy/get-npm-package-version/commit/40b1cf31a0607ea6…

[image-tiler] image-tiler susceptible to command injection

  • Posted in critical
  • Posted by GitHub
  • 08/03/2022 / 08/11/2022

A command injection vulnerability affects the package image-tiler before version 2.0.2.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-28451
https://github.com/MrP/image-tiler/commit/f4a0b13a4bf43655fc4013e04bbceaf77aecbeb8
https://security.snyk…

[curljs] curljs Command Injection vulnerability

  • Posted in critical
  • Posted by GitHub
  • 08/03/2022 / 08/11/2022

A command injection vulnerability affects all versions of the package curljs.

References

https://nvd.nist.gov/vuln/detail/CVE-2020-28425
https://security.snyk.io/vuln/SNYK-JS-CURLJS-1050404
https://github.com/advisories/GHSA-cqfc-9452-r36j

[next-auth] NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails

  • Posted in severity
  • Posted by GitHub
  • 08/03/2022 / 08/04/2022

Impact
next-auth users who are using the EmailProvider in versions before 4.10.3 or 3.29.10 are affected.
If an attacker could forge a request that sent a comma-separated list of emails (e.g. attacker@attacker.com,victim@victim.com) to the sign-…
