Source: ghsa

GHSA-cfh2-7f6h-3m85: Access bypass in Drupal Core

Drupal core form API evaluates form element access incorrectly. This can lead to a user being able to alter data they should not have access to.

GHSA-wq8f-xmq3-5vq9: Remote code execution in broccoli-compass

broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function.

GHSA-88qf-5f3v-pm6m: Remote code execution in dawnsparks-node-tesseract

dawnsparks-node-tesseract before 0.4.1 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function.

GHSA-5cx2-vq3h-x52c: Missing check for default SECRET_KEY

Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset administrators who have changed the default value for SECRET_KEY config.

GHSA-qvc4-78gw-pv8p: Adversarial use of `make_bitflags!` macro can cause undefined behavior

The macro relied on an expression of the form `Enum::Variant` always being a variant of the enum. However, it may also be an associated integer constant, in which case there's no guarantee that the value of said constant consists only of bits valid for this bitflag type. Thus, code like the following could create an invalid `BitFlags<Test>`, and iterating over it would trigger undefined behavior. As the debug formatter internally iterates over the value, it is also affected.

```rust
use enumflags2::{bitflags, make_bitflags};

#[bitflags]
#[repr(u8)]
#[derive(Copy, Clone, Debug)]
enum Test {
    A = 1,
    B = 2,
}

impl Test {
    // An associated constant, not a variant: 69 has bits outside {1, 2}.
    const C: u8 = 69;
}

fn main() {
    // The macro accepted `Test::C` as if it were a variant, producing an invalid BitFlags<Test>.
    let x = make_bitflags!(Test::{C});
    // printing or iterating over x is UB
}
```

GHSA-7x6q-3v3m-cwjg: Kiwi TCMS allows a user to update their email address to an unverified one

### Impact

In previous versions of Kiwi TCMS, users were able to update their email addresses via the "My profile" admin page. This page allowed them to change the email address registered with their account without the ownership verification performed during account registration.

### Patches

With Kiwi TCMS v12.2 or later it is not possible to edit the email field associated with a user account!

### Workarounds

No workaround exists.

### References

Disclosed by [@novemberdad](https://huntr.dev/bounties/1714df73-e639-4d64-ab25-ced82dad9f85/).

GHSA-f9xv-q969-pqx4: Uncaught Exception in yaml

Uncaught Exception in GitHub repository eemeli/yaml prior to 2.2.2.

GHSA-4r6h-8v6p-xvw6: Prototype Pollution in SheetJS

All versions of SheetJS CE through 0.19.2 are vulnerable to "Prototype Pollution" when reading specially crafted files. Workflows that do not read arbitrary files (for example, exporting data to spreadsheet files) are unaffected.

GHSA-3862-c622-v4fp: Cross-site Scripting in Backdrop CMS

A stored Cross-site scripting (XSS) issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type (e.g., page, post, or card) as an admin, the stored XSS payload is executed upon selecting a malicious text formatting option. NOTE: the vendor disputes the security relevance of this finding because "any administrator that can configure a text format could easily allow Full HTML anywhere."

GHSA-h83h-77x2-6w6g: Information exposure in microweber

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository microweber/microweber prior to 1.3.4.