Impact
All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments, forward HTLCs, and close out channels. O…
[github.com/oam-dev/kubevela] List helm chart endpoint of VelaUX APIserver has SSRF vulnerability
Impact
Users using the VelaUX APIServer could be affected by this vulnerability.
When Helm Chart is used as the component delivery method, the request address of the chart repository is not restricted, which results in a blind SSRF vulnerability.
Patches
For users …
[dolibarr/dolibarr] Dolibarr vulnerable to privilege escalation
Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-43138
https://www.exploit-db.com/exploits/50248
https://github.com/Dolibarr/…
[rdiffweb] Rdiffweb vulnerable to Missing Authentication for Critical Function
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-4018
https://github.com/ikus060/rdiffweb/commit/f2a32f2a9f3fb8be1a9432ac3d81d3aacdb13095
https://…
[github.com/hashicorp/consul] Missing Authorization in HashiCorp Consul
HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering’s imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-3920
https://discu…
[org.apache.sshd:sshd-common] Unsafe deserialization in Apache MINA SSHD
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apach…
[wsgidav] Cross Site Scripting vulnerability in wsgidav when directory browsing is enabled
Impact
Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks.
Patches
Users can upgrade to v4.1.0
Workarounds
Set dir_browser.enable = False in the configuration. For instance, when …
[github.com/russellhaering/gosaml2] gosaml2 is vulnerable to NULL Pointer Dereference
Impact
In versions prior to v0.7.0 it was possible for an attacker to supply an invalid assertion which would trigger a panic due to a nil-pointer dereference.
Patches
The issue was patched in v0.7.0, released on March 2, 2022.
Workarounds
Callers to g…
[org.apache.archiva:archiva-common] Apache Archiva vulnerable to Sensitive Information Disclosure via anonymous user
Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files. If anonymous read is enabled, it’s possible to read the database file directly without logging in.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40308
https://list…
[org.apache.archiva:archiva-common] Apache Archiva subject to arbitrary directory deletion by users.
Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories. Users with write permissions to a repository can delete arbitrary directories.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40309
https://lists.apache….