SQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. Many high-profile data breaches in recent years have been the result of SQL injection attacks, leading to r…
[librenms/librenms] Cross-site Scripting in librenms/librenms
A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with …
[librenms/librenms] Deserialization of Untrusted Data in librenms/librenms
Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-3525
https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
https://huntr.dev…
[cgi] HTTP response splitting in CGI
Ruby gem cgi.rb prior to versions 0.3.5, 0.2.2 and 0.1.0.2 allows HTTP header injection. If a CGI application using the CGI library inserts untrusted input into the HTTP response header, an attacker can exploit it to insert a newline character to split …
[github.com/lightningnetwork/lnd] Witness Block Parsing DoS Vulnerability
Impact
All lnd nodes before version v0.15.4 are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. O…
[github.com/hashicorp/consul] Missing Authorization in HashiCorp Consul
HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering’s imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-3920
https://discu…
[wsgidav] Cross Site Scripting vulnerability in wsgidav when directory browsing is enabled
Impact
Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks.
Patches
Users can upgrade to v4.1.0.
Workarounds
Set dir_browser.enable = False in the configuration. For instance, when …
[github.com/russellhaering/gosaml2] gosaml2 is vulnerable to NULL Pointer Dereference
Impact
In versions prior to v0.7.0 it was possible for an attacker to supply an invalid assertion which would trigger a panic due to a nil-pointer dereference.
Patches
The issue was patched in v0.7.0, released on March 2, 2022.
Workarounds
Callers to g…
[org.apache.archiva:archiva-common] Apache Archiva vulnerable to Sensitive Information Disclosure via anonymous user
Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files. If anonymous read is enabled, it’s possible to read the database file directly without logging in.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40308
https://list…
[com.liferay.portal:release.portal.bom] Path Traversal in Liferay Portal
A Zip slip vulnerability in the Elasticsearch Connector in Liferay Portal 7.3.3 through 7.4.3.18, and Liferay DXP 7.3 before update 6, and 7.4 before update 19 allows attackers to create or overwrite existing files on the filesystem via the installatio…