rdiffweb prior to 2.4.8 is vulnerable to a potential DoS attack via an unlimited length “username” field. This can result in excess memory consumption, or memory corruption, leading to a Denial of Service (DoS). This issue is patched in version 2.4.8. …
[rdiffweb] rdiffweb’s unlimited length email field can lead to DoS
rdiffweb prior to 2.4.8 does not validate email length, allowing users to insert an email longer than 255 characters. If a user signs up with an email with a length of 1 million or more characters and logs in, withdraws, or changes their email, the ser…
[rdiffweb] rdiffweb vulnerable to potential DoS via memory consumption
rdiffweb prior to 2.4.8 is vulnerable to a potential DoS attack via an unlimited length “title” field when adding an SSH key.
This can result in excess memory consumption, leading to a Denial of Service (DoS). This issue is patched in version 2.4.8. Th…
[dompdf/dompdf] Dompdf allows remote file inclusion because URI validation failure does not halt font registration
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-41343
http…
[@hapi/hoek] hoek subject to prototype pollution via the clone function.
hoek versions prior to 8.5.1, and 9.x prior to 9.0.3 are vulnerable to prototype pollution in the clone function. If an object with the `__proto__` key is passed to clone() the key is converted to a prototype. This issue has been patched in version 9.0.3, an…
[github.com/hyperledger/fabric] Hyperledger Fabric subject to Denial of Service via non-validated request
A vulnerability exists in Hyperledger Fabric < 2.4 that could allow an attacker to construct a non-validated request that could cause a denial of service attack. The peer gateway service tries to extract channel and chaincode information from the signed…
[@lionello/secp256k1-js] secp256k1-js implements ECDSA without required r and s validation, leading to signature forgery
The secp256k1-js package before 1.1.0 for Node.js implements ECDSA without required r and s validation, leading to signature forgery.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-41340
https://github.com/lionello/secp256k1-js/issues/11
https:/…
[github.com/mohammed90/caddy-ssh] Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library
Not invoking a call to pam_acct_mgmt after a call to pam_authenticate to check the validity of a login can lead to an authorization bypass.
Impact
Exploitability
The attack can be carried over the network. A complex non-standard configuration or a spec…
[org.keycloak:keycloak-parent] Keycloak SAML javascript protocol mapper: Uploading of scripts through admin console
An issue was discovered in Keycloak that allows arbitrary JavaScript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled.
References
https://github.com/keycloak/keycloak/security/advisories/GHSA-wf7g-7h6h-678v
https://…
[github.com/treeverse/lakefs] lakeFS vulnerable to authenticated users deleting files they are not authorized to delete
Impact
Authenticated users can send a request to delete-objects through the s3 gateway and delete files they are not authorized to delete.
Patches
lakeFS v0.82.0 and later
Workarounds
Drop specific request to the lakeFS listen port. Any request with “A…