Overview
The issue lies in the implementation of the cell_project macro, which used field as *const _ instead of field as *mut _.
The problem is that *const T is covariant in T while *mut T is invariant in T. Keep in mind that &Cell<T> is i…
[org.xwiki.platform:xwiki-platform-web-templates] XWiki Cross-Site Request Forgery (CSRF) for actions on tags
Impact
It’s possible to perform a CSRF attack for adding or removing tags on XWiki pages.
Patches
The problem has been patched in XWiki 13.10.5 and 14.3.
Workarounds
It’s possible to fix the issue without upgrading by locally modifying the documentTa…
[shopware/shopware] Shopware contains sensitive data in backend customer module
Impact
The request for the customer detail view in the backend administration contained sensitive data like the hashed password and the session ID.
Patches
We recommend updating to the current version 5.7.15. You can get the update to 5.7.15 regularly …
[shopware/shopware] Shopware access control list bypassed via crafted specific URLs
Impact
If backend admin controllers are called with a certain notation, the ACL could be bypassed. Users could execute actions, which they are normally not able to do.
Patches
We recommend updating to the current version 5.7.15. You can get the update …
[github.com/moby/moby] Moby supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supp…
[github.com/goharbor/harbor] Harbor fails to validate the user permissions when updating a robot account
Impact
Harbor fails to validate the user permissions when updating a robot account that
belongs to a project that the authenticated user doesn’t have access to. API call:
PUT /robots/{robot_id}
By sending a request that attempts to update a robot accou…
[github.com/goharbor/harbor] Harbor fails to validate the user permissions when updating tag immutability policies
Impact
Harbor fails to validate the user permissions when updating tag immutability policies – API call:
PUT /projects/{project_name_or_id}/immutabletagrules/{immutable_rule_id}
By sending a request to update a tag immutability policy with an id that…
[tauri] Tauri’s readDir Endpoint Scope can be Bypassed With Symbolic Links
Impact
Due to missing canonicalization when readDir is called recursively, it was possible to display directory listings outside of the defined fs scope. This required a crafted symbolic link or junction folder inside an allowed path of the fs scope. N…
[github.com/sigstore/cosign] Cosign bundle can be crafted to successfully verify a blob even if the embedded rekorBundle does not reference the given signature
Summary
A number of vulnerabilities have been found in cosign verify-blob, where Cosign would successfully verify an artifact when verification should have failed.
Vulnerability 1: Bundle mismatch causes invalid verification.
Summary
A cosign bundle ca…
[typo3/html-sanitizer] TYPO3 HTML Sanitizer Bypasses Cross-Site Scripting Protection
Meta
CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C (5.7)
Problem
Due to a parsing issue in upstream package masterminds/html5, malicious markup used in a sequence with special HTML comments cannot be filtered and sanitized. This …