When the Host header does not match a configured host, twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response, allowing HTML and script injection.
Example configuration:
from twi…
[jupyter-core] Execution with Unnecessary Privileges in JupyterApp
Impact
What kind of vulnerability is it? Who is impacted?
We’d like to disclose an arbitrary code execution vulnerability in jupyter_core that stems from jupyter_core executing untrusted files in the current working directory. This vulnerability allows…
[apache-iotdb] Apache IoTDB subject to ReDOS with Java 8
Apache IoTDB versions 0.12.2 through 0.12.6, and 0.13.0 through 0.13.2 are vulnerable to a Denial of Service attack when accepting untrusted patterns for REGEXP queries with Java 8. This issue is patched in 0.13.3. Users should upgrade or use a later v…
[org.apache.linkis:linkis] Apache Linkis subject to Remote Code Execution via deserialization
In Apache Linkis <=1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and ma…
[org.apache.flume:flume-parent] Apache Flume vulnerable to remote code execution via deserialization of unsafe providerURL
Flume’s JMSSource class can be configured with a providerUrl parameter. A JNDI lookup is performed on this name without performing validation. This could result in untrusted data being deserialized, leading to a remote code execution (RCE) attack when a …
[badaso/core] Badaso vulnerable to Remote Code Execution via malicious file upload
Badaso allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-417…
[joyqi/hyper-down] HyperDown vulnerable to Cross-site Scripting
HyperDown is a markdown parser written for the Chinese website SegmentFault. Improper validation of the href attribute allows for Cross-site Scripting. At publication there are no patched versions, and no known workarounds.
References
https://nvd.nist…
[socket.io-parser] Insufficient validation when decoding a Socket.IO packet
Due to improper type validation in the socket.io-parser library (which is used by the socket.io and socket.io-client packages to encode and decode Socket.IO packets), it is possible to overwrite the _placeholder object which allows an attacker to place…
[feathers-sequelize] feathers-sequelize vulnerable to SQL injection due to improper parameter filtering
feathers-sequelize is vulnerable to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-29822
https://csirt.divd.nl/cases/DIVD-2022-00020
https://csi…
[feathers-sequelize] Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution
The Feather-Sequelize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in Remote Code Execution (RCE) with the privileges of the application.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-2982…