CRITICAL

[apache-airflow] Apache Airflow Session Fixation vulnerability

In Apache Airflow versions 2.2.4 through 2.3.3, the database webserver session backend was susceptible to session fixation.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-38054
https://lists.apache.org/thread/rsd3h89xdp16rg0ltovx3m7q3ypkxsbb
htt…

[lz4-sys] lz4-sys vulnerable to memory corruption via issue in liblz4

Posted inCRITICAL
Posted byGitHub
09/02/2022

lz4-sys up to v1.9.3 bundles a version of liblz4 that is vulnerable to
CVE-2021-3520.
Attackers could craft a payload that triggers an integer overflow upon
decompression, causing an out-of-bounds write.
The flaw has been corrected in version v1.9.4 of…

[io.quarkus:quarkus-core-parent] Quarkus does not terminate HTTP requests header context

Quarkus is a Cloud Native, (Linux) Container First framework for writing Java applications. It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior. This issue was fixed in version 2.10….

[nvflare] NVFLARE unsafe deserialization due to Pickle

Impact
NVFLARE contains a vulnerability where deserialization of Untrusted Data due to Pickle usage may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity.
All ver…

[@pendo324/get-process-by-name] @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution

All versions of package @pendo324/get-process-by-name are vulnerable to Arbitrary Code Execution due to improper sanitization of getProcessByName function.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-25644
https://github.com/pendo324/get-proc…

[morgan-json] morgan-json vulnerable to Arbitrary Code Execution

All versions of package morgan-json are vulnerable to Arbitrary Code Execution due to missing sanitization of input passed to the Function constructor.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-25921
https://github.com/indexzero/morgan-json…

[exotel] exotel-py 0.1.6 includes code execution backdoor inserted by a third party

The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. Users should downgrade to version 0.1.5 to avoid the problem.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-38792
https://githu…

[org.keycloak:keycloak-core] Keycloak allows anyone to register new security device or key for any user by using WebAuthn password-less login flow

A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow.
References

https://nvd.nist.gov/vuln/det…

[omniauth] OmniAuth’s `lib/omniauth/failure_endpoint.rb` does not escape `message_key` value

lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-36599
https://github.com/omniauth/omniauth/commit/43a396f181ef7d0ed2ec8291c939c95e3e…

[AgileConfig.Client] Use of Hard-coded Credentials in AgileConfig.Client

Hardcoded JWT Secret in AgileConfig <1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-35540
https://github.com/dotnetcore/AgileConfig/issues/91
ht…

トピトピニュース

Featured

[github.com/crewjam/saml] crewjam/saml vulnerable to signature bypass via multiple Assertion elements due to improper authentication

[org.jeecgframework.boot:jeecg-boot-common] Jeecg-boot vulnerable to SQL Injection

[electron] Heap buffer overflow in GPU

[wger] wger vulnerable to brute force attempts