Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-4j2x-v3mr-467m: Jeecg-boot vulnerable to SQL injection via updateNullByEmptyString

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.

ghsa
Open in Source
#sql#vulnerability#git
GHSA-v87q-rpwp-qr7q: Jeecg-boot vulnerable to SQL Injection

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.

GHSA-25gv-mvm7-5h3h: Jeecg-boot vulnerable to SQL injection via /sys/user/putRecycleBin

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.

GHSA-82h9-v8vh-mfpq: Browsershot vulnerable to Cross-Site Scripting (XSS)

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content passed to the Browsershot::html method does not contain URL's that use the file:// protocol.

GHSA-995f-9x5r-2rcj: Heap buffer overflow in GPU

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

GHSA-jvc3-wjf6-7c6c: Apache Dolphin Scheduler has insufficiently protected credentials

When using tasks to read config files, there is a risk of database password disclosure. We recommend you upgrade to version 2.0.6 or higher.

GHSA-gr58-76rp-mmg4: wger vulnerable to brute force attempts

Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2.

GHSA-562r-vg33-8x8h: TemporaryFolder on unix-like systems does not limit access to created files

**Vulnerability** `PreparedStatement.setText(int, InputStream)` and `PreparedStatemet.setBytea(int, InputStream)` will create a temporary file if the InputStream is larger than 2k Example of vulnerable code: ``` String s = new String("some very large string greater than 2048 bytes) PreparedStatement.setText(1, s); ``` This will create a temporary file which is readable by other users on Unix like systems, but not MacOS. Impact On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. When analyzing the impact of this vulnerability, here are the important questions to ask: Is the driver running in an environment where the OS has other unt...

GHSA-22wj-vf5f-wrvj: Password exposure in H2 Database

The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states "This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that."

GHSA-8jh9-wqpf-q52c: sweetalert2 v8.19.1 and above contains hidden functionality

`sweetalert2` versions 8.19.1 and up until 9.0.0 are vulnerable to hidden functionality that was introduced by the maintainer. The package outputs audio and/or video messages that do not pertain to the functionality of the package and is not included in versions below 8.19.1. ### Workaround Use a version < 8.19.1 of the package until the maintainer releases a fix.