Impact
When an “Internal System Error” occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impac…
[@solana/pay] Solana Pay Vulnerable to Weakness in Transfer Validation Logic
Description
When a Solana Pay transaction is located using a reference key, it may be checked to represent a transfer of the desired amount to the recipient, using the supplied validateTransfer function. An edge case regarding this mechanism could caus…
[drupal/core] Drupal core Information Disclosure vulnerability
In some situations, the Image module does not correctly check access to image files not stored in the standard public files directory when generating derivative images using the image styles system.
Access to a non-public file is checked only if it is …
[untangle] untangle before 1.2.1 vulnerable to XML Entity Expansion
Impact
An attacker may be able to cause a denial-of-service (DoS) condition on the server on which the product is running. This affects untangle versions up to and including 1.2.0
Patches
The problem has been fixed with version 1.2.1
Workarounds
None
R…
[untangle] untangle before 1.2.1 vulnerable to Improper Restriction of XML External Entity Reference
Impact
An attacker may be able to read the contents of local files. This affects untangle versions up to and including 1.2.0
Patches
The problem has been fixed with version 1.2.1
Workarounds
None
References
https://jvn.jp/en/jp/JVN30454777/
For more in…
[next-auth] next-auth before v4.10.2 and v3.29.9 leaks excessive information into log
Impact
An information disclosure vulnerability in next-auth before v4.10.2 and v3.29.9 allows an attacker with log access privilege to obtain excessive information such as an identity provider’s secret in the log (which is thrown during OAuth error han…
[sanic] sanic vulnerable to Path Traversal
Impact
Access to lateral directories when using app.static if using encoded %2F URLs. Parent directory traversal is not impacted.
Patches
v20.12.7 (LTS)
v21.12.2 (LTS)
v22.6.1
References
https://github.com/sanic-org/sanic/issues/2478
https://github.c…
[fof/byobu] Byobu user preference to prevent private discussions being started are not respected
Impact
Users electing to prevent others starting private discussions with themselves.
Please note that admins and others with appropriate permissions can always bypass this preference, as was the case before.
Patches
Users of Byobu should update the …
[websocket] Rust-WebSocket memory allocation based on untrusted length
Impact
Untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server.
The root cause of the issue is during dataframe parsing.
Affected versions would allocate a buffer based on the declared dataframe size, whic…
[next-auth] NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails
Impact
next-auth users who are using the EmailProvider either in versions before 4.10.3 or 3.29.10 are affected.
If an attacker could forge a request that sent a comma-separated list of emails (eg.: attacker@attacker.com,victim@victim.com) to the sign-…