Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-p2fh-2h23-6grg: antfu/utils vulnerable to prototype pollution

Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3.

ghsa
#git
GHSA-jqvr-j2vg-gjrv: Moov signedxml vulnerable to signature wrapping attack

In Moov signedxml through 1.0.0, parsing the raw XML (as received) can result in different output than parsing the canonicalized XML. Thus, signature validation can be bypassed via a Signature Wrapping attack (aka XSW).

GHSA-9wqr-5jp4-mjmh: Dolibarr vulnerable to remote code execution via uppercase manipulation

Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.

GHSA-r364-2pj4-pf7f: ruby-saml vulnerable to XPath injection

xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.

GHSA-8vw3-vxmj-h43w: bwm-ng vulnerable to command injection

All versions of the package bwm-ng are vulnerable to Command Injection due to improper input sanitization in the 'check' function in the bwm-ng.js file. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment.

GHSA-wxrx-pc44-rcgc: keep-module-latest vulnerable to Command Injection due to missing input sanitization

All versions of the package keep-module-latest are vulnerable to Command Injection due to missing input sanitization or other checks and sandboxes being employed to the installModule function. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment.

GHSA-549h-r7g9-2qpf: n158 vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function

All versions of the package n158 are vulnerable to Command Injection due to improper input sanitization in the 'module.exports' function. **Note:** To execute the code snippet and potentially exploit the vulnerability, the attacker needs to have the ability to run Node.js code within the target environment. This typically requires some level of access to the system or application hosting the Node.js environment.

GHSA-pvrc-wvj2-f59p: Pomerium vulnerable to Incorrect Authorization with specially crafted requests

### Impact With specially crafted requests, incorrect authorization decisions may be made by Pomerium. ### Patches We are releasing patch fixes to address this vulnerability going back to `v0.17.X`. Please upgrade to: - v0.22.2 - v0.21.4 - v0.20.1 - v0.19.2 - v0.18.1 - v0.17.4 ### For more information If you have any questions or comments about this advisory: - Open an issue in [pomerium/pomerium](https://github.com/pomerium/pomerium/issues) - Email us at [[email protected]](mailto:[email protected])

GHSA-frqx-jfcm-6jjr: malformed proposed intoto entries can cause a panic

### Impact A malformed proposed entry of the `intoto/v0.0.2` type can cause a panic on a thread within the Rekor process. The thread is recovered so the client receives a 500 error message and service still continues, so the availability impact of this is minimal. ### Patches This is fixed in v1.2.0 of Rekor. ### Workarounds No ### References Discovered by OSS-Fuzz

GHSA-c892-cwq6-qrqf: Keycloak vulnerable to untrusted certificate validation

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If this happens and the KC_SPI_TRUSTSTORE_FILE_FILE variable is missing/misconfigured, any trustfile may be accepted with the logging information of "Cannot validate client certificate trust: Truststore not available". This may not impact availability as the attacker would have no access to the server, but consumer applications Integrity or Confidentiality may be impacted considering a possible access to them. Considering the environment is correctly set to use "Revalidate Client Certificate" this flaw is avoidable.