Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-qwqh-hm9m-p5hr: angular vulnerable to regular expression denial of service via the <input type="url"> element

All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.

ghsa
Open in Source
#vulnerability#dos#git
GHSA-v3hp-mcj5-pg39: HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File

HashiCorp Vault and Vault Enterprise versions 0.8.0 until 1.13.1 are vulnerable to an SQL injection attack when using the Microsoft SQL (MSSQL) Database Storage Backend. When configuring the MSSQL plugin, certain parameters are required to establish a connection (schema, database, and table) are not sanitized when passed to the user-provided MSSQL database. A privileged attacker with the ability to write arbitrary data to Vault's configuration may modify these parameters to execute a malicious SQL command when the Vault configuration is applied. This issue is fixed in versions 1.13.1, 1.12.5, and 1.11.9.

GHSA-6g43-88cp-w5gv: Prototype pollution in matrix-react-sdk

### Impact In certain configurations, data sent by remote servers containing special strings in key locations could cause modifications of the `Object.prototype`, disrupting matrix-react-sdk functionality, causing denial of service and potentially affecting program logic. (This is part 2, where [CVE-2022-36060](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36060) / [GHSA-2x9c-qwgf-94xr](https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-2x9c-qwgf-94xr) is part 1. Part 2 covers remaining vectors not covered by part 1, found in a codebase audit scheduled after part 1.) ### Patches This is fixed in matrix-react-sdk 3.69.0 ### Workarounds None. ### References - [Release blog post](https://matrix.org/blog/2023/03/28/security-releases-matrix-js-sdk-24-0-0-and-matrix-react-sdk-3-69-0) - The advisory [GHSA-2x9c-qwgf-94xr](https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-2x9c-qwgf-94xr) ([CVE-2022-36060](https://cve.mitre.org/cgi-bin/cv...

GHSA-7j98-h7fp-4vwj: smarty Cross-site Scripting vulnerability in Javascript escaping

### Impact An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. ### Patches Please upgrade to the most recent version of Smarty v3 or v4. ### For more information If you have any questions or comments about this advisory please open an issue in [the Smarty repo](https://github.com/smarty-php/smarty)

GHSA-rp78-4562-gx3c: pimcore is vulnerable to cross-site scripting in translate module

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20.

GHSA-3r5c-h7g6-cqw7: pimcore is vulnerable to cross-site scripting in classes module

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.

GHSA-69fc-v223-6rjw: Pimcore Cross-site scripting in Predefined Asset Metadata module in Settings

Cross-site Scripting (XSS) - Generic in GitHub repository pimcore/pimcore prior to 10.5.20.

GHSA-6mmf-qm37-pmgg: Pimcore vulnerable to Reflected XSS in Predefined Properties module in Settings

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.20.

GHSA-2x9c-qwgf-94xr: matrix-react-sdk Prototype pollution vulnerability

### Impact Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear functional, though certain rooms/events will not be rendered. ### Patches This is fixed in matrix-react-sdk 3.53.0 ### Workarounds There are no workarounds. Please upgrade immediately. ### References https://learn.snyk.io/lessons/prototype-pollution/javascript/ ### For more information If you have any questions or comments about this advisory please email us at [security at matrix.org](mailto:[email protected]).

GHSA-rfv9-x7hh-xc32: matrix-js-sdk Prototype Pollution vulnerability

### Impact Events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. ### Patches This is fixed in matrix-js-sdk 19.4.0. ### Workarounds Redacting applicable events, waiting for the sync processor to store data, and restarting the client can often fix it. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible. ### References https://learn.snyk.io/lessons/prototype-pollution/javascript/ ### For more information If you have any questions or comments about this advisory please email us at [security at matrix.org](mailto:[email protected]).