Impact
Authorization headers on requests are sensitive information. On making a request using the https scheme to a server which responds with a redirect to a URI with the http scheme, we should not forward the Authorization header on. This is much the…
[metacalc] Code Injection in metacalc
The package metacalc before 0.0.2 is vulnerable to Arbitrary Code Execution because it exposes JavaScript's Math class to the v8 context. As the Math class is exposed to user-land, it can be used to get access to JavaScript's Function constructor.
Refere…
[francoisjacquet/rosariosis] Cross-site Scripting in RosarioSIS
Cross-site Scripting (XSS) – Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1997
https://github.com/francoisjacquet/rosariosis/commit/6b22c0b5b40fad891c8cf9e7eeff3e42a35c0bf8
h…
[github.com/emicklei/go-restful/v3] Authorization Bypass Through User-Controlled Key in go-restful
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1996
https://github.com/emicklei/go-restful/commit/fd3c327a379ce08c68ef18765bdc925f5d9bad10…
[dolibarr/dolibarr] Cross-site Scripting in Dolibarr
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via the SQL error page.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-30875
https://github.com/mustgundogdu/Research/edit/main/Dolibar_12.0.5-ReflectedXSS,
https://github.com/mustgundogdu/…
[api-res-py] Backdoor in api-res-py
The api-res-py package, version 0.1 on PyPI, is vulnerable to a code execution backdoor in the request package.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-31313
https://github.com/rakeshrkz7/as_api_res/issues/1
https://pypi.org/project/api-res-py/
http://…
[gogs.io/gogs] Path Traversal in Git HTTP endpoints in Gogs
Impact
A malicious user is able to craft HTTP requests that access unauthorized Git directories. All installations with are affected.
Patches
Path cleaning now accounts for Git HTTP endpoints. Users should upgrade to 0.12.9 or the latest 0.13.0+dev…
[gogs.io/gogs] OS Command Injection in file editor in Gogs
Impact
A malicious user is able to update a crafted config file in the repository's .git directory and, in combination with a crafted file deletion, gain SSH access to the server. All installations with repository upload enabled (the default) are affected.
Patc…
[crossbeam] `MsQueue` `push`/`pop` use the wrong orderings
Affected versions of this crate use orderings which are too weak to support this data structure.
It is likely this has caused memory corruption in the wild: https://github.com/crossbeam-rs/crossbeam/issues/97#issuecomment-412785919.
References
https:/…
[gogs.io/gogs] Cross-site Scripting vulnerability in repository issue list in Gogs
Impact
DisplayName accepts any characters from users, which leads to an XSS vulnerability when it is displayed directly in the issue list.
Patches
DisplayName is sanitized before being displayed. Users should upgrade to 0.12.9 or the latest 0.13.0+dev.
Wo…