<bytes::Bytes as axum_core::extract::FromRequest>::from_request would not, by default, set a limit for the size of the request body. That meant if a malicious peer would send a very large (or infinite) body your server might run out of memory and…
[pageflow] Pageflow vulnerable to insecure direct object reference in membership update endpoint
Impact
Pageflow has a membership edit feature which allows users to edit the roles of user memberships associated with an account for which they have the manager role (including their own). While the Entity dropdown select field is greyed out in the UI, …
[pageflow] Pageflow vulnerable to sensitive user data extraction via Ransack query injection
Impact
The attack allows extracting sensitive properties of database objects that are associated with users or entries belonging to an account that the attacker has access to.
Pageflow uses the ActiveAdmin Ruby library to provide some management featur…
[kubevirt.io/kubevirt] KubeVirt vulnerable to arbitrary file read on host
Impact
Users with the permission to create VMIs can construct VMI specs which allow them to read arbitrary files on the host. There are three main attack vectors:
Some path fields on the VMI spec were not properly validated and allowed passing in rela…
[axum-core] Duplicate of GHSA-m77f-652q-wwp4
Duplicate advisory
This advisory is a duplicate of GHSA-m77f-652q-wwp4. This link is maintained to preserve external references.
Original Description
<bytes::Bytes as axum_core::extract::FromRequest>::from_request would not, by default, set a lim…
[rdiffweb] rdiffweb 2.4.1 vulnerable to Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
rdiffweb version 2.4.1 is vulnerable to Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute. This allows a user’s cookies to be sent to the server in an unencrypted request over plain HTTP. Version 2.4.2 contains a fix for …
[org.craftercms:craftercms] CrafterCMS OS Command Injection vulnerability
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40635
https://…
[org.craftercms:craftercms] CrafterCMS Improperly Controls Dynamically-Managed Code Resources
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-40634
https://docs.c…
[rdiffweb] rdiffweb before 2.4.2 contains Weak Password Requirements
rdiffweb prior to 2.4.2 has no password policy or password checking, which could make users vulnerable to brute force password guessing attacks. Version 2.4.2 enforces minimum and maximum password lengths.
References
https://nvd.nist.gov/vuln/detail/C…
[routinator] NLnet Labs Routinator has Reachable Assertion vulnerability
In NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files which is not correctly base64 encoded is treated as a fatal error and causes Routinator to exit. Worst case impact o…