Impact
This vulnerability is a memory safety issue that arises when using patch or merge on state and assigning the result back to state.
In this case, affected versions of Tremor and the tremor-script crate maintain references to memory that might have been freed al…
[@openzeppelin/contracts-upgradeable] UUPSUpgradeable vulnerability in @openzeppelin/contracts
Impact
Upgradeable contracts using UUPSUpgradeable may be vulnerable to an attack affecting uninitialized implementation contracts. We will update this advisory with more information soon.
Patches
A fix is included in version 4.3.2 of @openzeppelin/con…
[pillow] Uncontrolled Resource Consumption in pillow
The package pillow from 0 and before 8.3.2 is vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-23437
https://github.com/python-pillow/Pillow/commit/9e08eb8f78fdfd…
[degenerator] Code Injection in pac-resolver
This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same mainta…
[slock] Slock allows sending non-Send types across thread boundaries
Slock<T> unconditionally implements Send/Sync.
Affected versions of this crate allow sending non-Send types to other threads,
which can lead to data races and, through those races, memory corruption.
References
https://github.com/BrokenLamp/sloc…
[heapless] Use after free in heapless
An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed.
References
https://nvd.nist.gov/vuln/detail/CVE-…
[rulinalg] Data races in rulinalg
An issue was discovered in the rulinalg crate through 2020-02-11 for Rust. There are incorrect lifetime-boundary definitions for RowMut::raw_slice and RowMut::raw_slice_mut.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-35879
https://github.com…
[arrayfire] Potential memory corruption in arrayfire
An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr() attribute to an enum is mishandled, leading to memory corruption.
References
https://nvd.nist.gov/vuln/detail/CVE-2018-20998
https://github.com/arrayfire/arra…
[jszip] Prototype Pollution
This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g. __proto__, toString, etc.) results in a returned object with a modified prototype instance.
References
https://nvd.nist.gov/vuln/detail/…
[org.elasticsearch:elasticsearch] Denial of Service in Elasticsearch
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsear…