Impact
Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or modified content, typically but not necessarily limited to administrators and editors.
Patches
Resolving versions: Ibexa DXP v1.0.13, v2.3…
[wasmtime] Wasmtime may have data leakage between instances in the pooling allocator
Impact
There is a bug in Wasmtime’s implementation of its pooling instance allocator where, when a linear memory is reused for another instance, the initial heap snapshot of the prior instance can erroneously be visible to the next instance. The poolin…
[@redwoodjs/api] Redwood is vulnerable to account takeover via dbAuth “forgot-password”
Impact
What kind of vulnerability is it? Who is impacted?
This is an API vulnerability in Redwood’s [dbAuth], specifically the dbAuth forgot password feature:
only projects with the dbAuth “forgot password” feature are affected
this vulnerability was …
[parse-server] Parse Server is vulnerable to Prototype Pollution via Cloud Code Webhooks
Impact
A compromised Parse Server Cloud Code Webhook target endpoint allows an attacker to use prototype pollution to bypass the Parse Server requestKeywordDenylist option.
Patches
Improved keyword detection.
Workarounds
None.
Collaborators
Mikhail Shc…
[github.com/istio/istio] Istio may allow identity impersonation if user has localhost access
Impact
A user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane.
Patches
1.15.3
Workarounds
None. If using 1.15.2, please upgrade to 1.15.3 or later.
References
None at this time.
For mor…
[parse-server] Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers
Impact
Keywords that are specified in the Parse Server option requestKeywordDenylist can be injected via Cloud Code Webhooks or Triggers. This will result in the keyword being saved to the database, bypassing the requestKeywordDenylist option.
Patches
…
[org.eclipse.californium:scandium] Failing DTLS handshakes may cause throttling to block processing of records
Impact
Failing handshakes didn’t clean up the counters used for throttling. In consequence, the threshold may be reached and never released again. This results in records being permanently dropped. The issue was reported for certificate-based handshakes, but it…
[octocat.js] Withdrawn: Octocat.js vulnerable to code injection
Withdrawn
This advisory has been withdrawn because it is a test.
Original Description
Impact
Users can include their own images for accessories via provided URLs. These URLs are not validated and can result in execution of injected code.
Patches
This v…
[@fastify/websocket] fastify/websocket vulnerable to uncaught exception via crash on malformed packet
Impact
Any application using @fastify/websocket could crash if a specific, malformed packet is sent.
All versions of fastify-websocket are also impacted. That module is deprecated, so it will not be patched.
Patches
This has been patched in v7.1.1 (fa…
[org.apache.bcel:bcel] Apache Commons BCEL vulnerable to out-of-bounds write
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications …