
トピトピニュース

Author: GitHub (1143 posts)

Featured

Posted by GitHub
[github.com/crewjam/saml] crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication
Posted by GitHub
[org.keycloak:keycloak-core] Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown
Posted by GitHub
[bitlyshortener] Package discontinued because Bitly lowered the free quota
Posted by GitHub
[baserproject/basercms] baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability

[steal] steal vulnerable to Regular Expression Denial of Service via input variable in main.js

  • Posted in LOW
  • Posted by GitHub
  • 09/16/2022, 09/22/2022

A Regular Expression Denial of Service (ReDoS) flaw was found in stealjs steal via the input variable in main.js.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-37260
https://github.com/stealjs/steal/issues/1529
https://github.com/stealjs/steal/…

[org.eclipse.milo:sdk-server] Eclipse Milo vulnerable to Resource Exhaustion (Denial of Service)

  • Posted in HIGH
  • Posted by GitHub
  • 09/15/2022

Impact
Denial of Service
Details
OPC UA specification describes a concept named Subscriptions. Subscriptions monitor a set of Monitored Items for Notifications and return them to the Client in response to Publish requests. The server notifies the clien…

[tuf] Python-TUF vulnerable to incorrect threshold signature computation for new root metadata

  • Posted in LOW
  • Posted by GitHub
  • 09/15/2022, 09/15/2022

Impact
The function _verify_root_self_signed(), introduced in v0.14.0, and which verifies self-signatures in a new root metadata file, counted multiple signatures by any new root key towards the new threshold. That is, any single new root key could the…

[github.com/gravitl/netmaker] Netmaker before 0.15.1 vulnerable to Insufficient Granularity of Access Control

  • Posted in HIGH
  • Posted by GitHub
  • 09/15/2022, 09/15/2022

Impact
Improper Authorization functions lead to non-privileged users running privileged API calls. If you have added users to your Netmaker platform who would not have admin privileges, they could use their auth token to run admin-level functions via…

[github.com/matrix-org/dendrite] Dendrite signature checks not applied to some retrieved missing events

  • Posted in HIGH
  • Posted by GitHub
  • 09/15/2022, 09/15/2022

Impact
Events retrieved from a remote homeserver using /get_missing_events did not have their signatures verified correctly. This could potentially allow a remote homeserver to provide invalid/modified events to Dendrite via this endpoint.
Note that th…

[typo3/cms-core] TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection

  • Posted in MODERATE
  • Posted by GitHub
  • 09/15/2022, 09/15/2022

Meta

CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C (5.7)

Problem
Due to a parsing issue in upstream package masterminds/html5, malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This …

[matrix-appservice-irc] matrix-appservice-irc vulnerable to IRC mode parameter confusion

  • Posted in MODERATE
  • Posted by GitHub
  • 09/15/2022, 09/15/2022

Impact
IRC allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such modes incorrectly, potentially resulting in the wro…

[matrix-appservice-irc] Parsing issue in matrix-org/node-irc leading to room takeovers

  • Posted in HIGH
  • Posted by GitHub
  • 09/15/2022, 09/16/2022

Impact
Attackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel and an existing channel, allowing them to grant themselves permissions in the channel.
Patched
The vulnerability has b…

[Microsoft.AspNetCore.App.Runtime.linux-arm64] .NET Denial of Service Vulnerability

  • Posted in HIGH
  • Posted by GitHub
  • 09/15/2022, 10/11/2022

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET Core 3.1 and .NET 6.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability.
A denial…

[axum-core] axum-core has no default limit put on request bodies

  • Posted in HIGH
  • Posted by GitHub
  • 09/15/2022, 09/20/2022

<bytes::Bytes as axum_core::extract::FromRequest>::from_request would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large (or infinite) body your server might run out of memory and…
