This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple backslashes such …
[github.com/supranational/blst] Blst vulnerable to incorrect results for some inputs in blst_fp_eucl_inverse function
Impact
Blst versions v0.3.0 to v0.3.2 can produce incorrect outputs for some inputs to the blst_fp_eucl_inverse function. This could theoretically result in the creation of an invalid signature from correct inputs. However, fuzzing of higher-level …
[github.com/tendermint/tendermint/evidence] Tendermint Core vulnerable to Uncontrolled Resource Consumption
Description
Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, we added a new Timestamp field to Evidence structs. This timestamp would be calculated using the same algorithm that is used when a block is …
[go.etcd.io/etcd/client/v3] etcd has no minimum password length
Vulnerability type
Access Control
Workarounds
The etcdctl and etcd API do not enforce a specific password length during user creation or user password update operations. It is the responsibility of the administrator to enforce these requirements.
Detai…
[go.etcd.io/etcd/v3] etcd’s WAL `ReadAll` method vulnerable to an entry with large index causing panic
Vulnerability type
Data Validation
Detail
In the ReadAll method in wal/wal.go, it is possible to have an entry index greater than the number of entries. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd conse…
[github.com/sylabs/sif/v2] SIF’s Digital Signature Hash Algorithms Not Validated
Impact
The github.com/sylabs/sif/v2/pkg/integrity package does not verify that the hash algorithm(s) used are cryptographically secure when verifying digital signatures.
Patches
A patch is available in version >= v2.8.1 of the module. Users are enco…
[kamadak-exif] kamadak-exif vulnerable to Infinite loop when parsing PNG files
Impact
Reader::read_from_container can cause an infinite loop when a crafted PNG file is given.
Patches
Version 0.5.3 includes the fix.
Workarounds
No workaround is available.
Applications that do not pass files with the PNG signature to Reader::read_f…
[commons-jxpath:commons-jxpath] JXPath Out-of-bounds Write vulnerability
Those using JXPath to interpret XPath may be vulnerable to denial-of-service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may support a deni…
[rdiffweb] rdiffweb allows a new password to be the same as the previous password
rdiffweb prior to 2.5.0a4 allows users to set their new password to be the same as the old password during a password reset. Version 2.5.0a4 enforces a password policy in which a new password cannot be the same as the old one.
References
https://nvd.n…