Impact
When calling an external contract with no return value, the contract address could be evaluated twice. This is usually only an efficiency problem, but if evaluation of the contract address has side effects, it could result in double evaluation…
[github.com/pingcap/tidb] TiDB authentication bypass vulnerability
Impact
Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access.
Only users using TiDB 5.3.0 are affected by this vulnerability….
[trilogy] Use of Uninitialized Variable in trilogy
Impact
When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory.
Patches
Users of the trilogy gem should …
[oauthenticator] Authorization Bypass Through User-Controlled Key when using CILogonOAuthenticator oauthenticator
Background
CILogon is a federated auth provider that allows users to authenticate themselves via a number of Identity Providers (IdP), focused primarily on educational and research institutions (such as Universities). More traditional and open IdPs suc…
[facturascripts/facturascripts] Cross-site Scripting in FacturaScripts
FacturaScripts 2022.08 and prior is vulnerable to cross-site scripting. A patch is available on the master branch of the repository and anticipated to be part of version 2022.09.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1988
https://github…
[aleksis-core] Access control issue in AlekSIS-Core
An access control issue in aleksis/core/util/auth_helpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set.
References
https://nvd.nist.gov/vuln/det…
[gatsby-plugin-mdx] Unsanitized JavaScript code injection possible in gatsby-plugin-mdx
Impact
The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default configuration, unless input is sanitized. The vulnerability is pres…
[bottle] Denial of service in bottle
Bottle before 0.12.20 mishandles errors during early request binding.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-31799
https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c
https://github.com/bottlepy/bottle/comm…
[SSCMS] Cross site scripting in SSCMS
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).
References
https://nvd.nist.gov/vuln/detail/CVE-2022-30349
https://github.com/siteserver/cms/issues/3238
https://github.com/advisories/GHSA-4qf6-vpj8-p4r6
[github.com/hashicorp/nomad] Privilege escalation in Hashicorp Nomad
HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1.
Referen…