
トピトピニュース

Author: GitHub (1143 posts)

Featured

  • [github.com/crewjam/saml] crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication
  • [org.keycloak:keycloak-core] Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown
  • [bitlyshortener] Package discontinued because Bitly lowered the free quota
  • [baserproject/basercms] baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability

[github.com/rancher/rancher] Rancher API and cluster.management.cattle.io object vulnerable to plaintext storage and exposure of credentials

  • Posted in CRITICAL
  • Posted by GitHub
  • 09/24/2022

Impact
An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where sensitive fields, like passwords, API keys and Rancher’s service account token (used to provision clusters), were stored in plaintext directly on Kubernetes o…

[org.keycloak:keycloak-parent] Keycloak vulnerable to Stored Cross site Scripting (XSS) when loading default roles

  • Posted in MODERATE
  • Posted by GitHub
  • 09/24/2022

A Stored XSS vulnerability was reported in the Keycloak Security mailing list, affecting all the versions of Keycloak, including version 19.0.1. The vulnerability allows a privileged attacker to execute malicious scripts in the admin console, abusing o…

[org.keycloak:keycloak-parent] Keycloak SAML javascript protocol mapper: Uploading of scripts through admin console

  • Posted in HIGH
  • Posted by GitHub
  • 09/24/2022

An issue was discovered in Keycloak that allows arbitrary JavaScript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled.
References

https://github.com/keycloak/keycloak/security/advisories/GHSA-wf7g-7h6h-678v
https://…

[github.com/treeverse/lakefs] lakeFS vulnerable to authenticated users deleting files they are not authorized to delete

  • Posted in HIGH
  • Posted by GitHub
  • 09/24/2022

Impact
Authenticated users can send a request to delete-objects through the s3 gateway and delete files they are not authorized to delete.
Patches
lakeFS v0.82.0 and later
Workarounds
Drop specific request to the lakeFS listen port. Any request with “A…

[com.liferay.portal:release.portal.bom] Liferay Portal Missing Authorization vulnerability

  • Posted in MODERATE
  • Posted by GitHub
  • 09/23/2022 (updated 09/24/2022)

The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, and Liferay DXP 7.3 before update 10, and 7.4 before update 35 does not check user permission before showing the preview of a “Content Page” type page, allowing attackers to view unpublished…

[github.com/hashicorp/vault] HashiCorp Vault vulnerable to incorrect metadata access

  • Posted in CRITICAL
  • Posted by GitHub
  • 09/23/2022 (updated 09/27/2022)

An issue was discovered in HashiCorp Vault and Vault Enterprise before 1.11.3. A vulnerability in the Identity Engine was found where, in a deployment where an entity has multiple mount accessors with shared alias names, Vault may overwrite metadata to…

[soap:soap] Apache SOAP’s RPCRouterServlet allows reading of arbitrary files over HTTP

  • Posted in HIGH
  • Posted by GitHub
  • 09/23/2022 (updated 09/28/2022)

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previou…

[org.apache.xmlgraphics:batik] Apache Batik vulnerable to Server-Side Request Forgery

  • Posted in MODERATE
  • Posted by GitHub
  • 09/23/2022 (updated 09/24/2022)

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to fetch external resources. This issue affects Apache XML Graphics Batik 1.14.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-38648
https://list…

[org.apache.xmlgraphics:batik] Apache Batik vulnerable to Server-Side Request Forgery

  • Posted in HIGH
  • Posted by GitHub
  • 09/23/2022 (updated 09/24/2022)

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-40146
https://…

[org.apache.xmlgraphics:batik] Apache Batik Server-Side Request Forgery

  • Posted in MODERATE
  • Posted by GitHub
  • 09/23/2022 (updated 09/24/2022)

Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to load a URL through the jar protocol. This issue affects Apache XML Graphics Batik 1.14.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-38398
http…
