Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-2ffp-w665-9mgx: Cross Site Scripting in nilsteampassnet/teampass

nilsteampassnet/teampass prior to 3.0.7 is vulnerable to cross site scripting (XSS) from item names within a folder.

ghsa
#xss#git
GHSA-vjr2-wpfh-5r9p: Apache Ranger Hive Plugin missing permissions check

An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled This issue affects Apache Ranger Hive Plugin: from 2.0.0 through 2.3.0. Users are recommended to upgrade to version 2.4.0 or later.

GHSA-wf7x-fh6w-34r6: Path Traversal in Ghost

Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.

GHSA-4m7v-wr6v-2mw5: AzuraCast missing brute force prevention

The request rate limiting feature on the login page of AzuraCast before version 0.18.3 can be bypassed, which could allow an attacker to brute force login credentials.

GHSA-jmp2-wc4p-wfh2: Mutagen list and monitor operations do not neutralize control characters in text controlled by remote endpoints

### Impact Mutagen command line operations, as well as the log output from `mutagen daemon run`, are susceptible to control characters that could be provided by remote endpoints. This can cause terminal corruption, either intentional or unintentional, if these characters are present in error messages, file paths/names, and/or log output. This could be used as an attack vector if synchronizing with an untrusted remote endpoint, synchronizing files not under control of the user, or forwarding to/from an untrusted remote endpoint. On very old systems with terminals susceptible to issues such as [CVE-2003-0069](https://nvd.nist.gov/vuln/detail/CVE-2003-0069), the issue could theoretically cause code execution. ### Patches The problem has been patched in Mutagen v0.16.6 and v0.17.1. Earlier versions of Mutagen are no longer supported and will not be patched. Versions of Mutagen after v0.18.0 will also have the patch merged. One caveat is that the templating functionality of Mutage...

GHSA-vpf7-r2fv-75m9: Uncontrolled Resource Consumption in OPC UA .NET Standard Reference Server

This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows remote attackers to send malicious requests that consume all memory available to the server. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-27321.pdf

GHSA-4cvp-hr63-822j: Exposure of Sensitive Information in OPC UA .NET Standard Reference Server

This security update resolves a vulnerability in the OPC UA .NET Standard Reference Server that allows remote attackers to send malicious requests that expose sensitive information. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf

GHSA-fwj4-72fm-c93g: Under-validated ComSpec and cmd.exe resolution in Mutagen projects

### Impact Mutagen projects offer shell-based execution functionality. On Windows, the shell is resolved using the standard `%ComSpec%` mechanism, with a fallback to a `%PATH%`-based search for `cmd.exe`. While this is the standard practice on Windows systems, it presents somewhat risky behavior. Firstly, `%ComSpec%` could, in theory, be set maliciously. Unfortunately, there's not much that can be done to prevent this attack surface, because `%ComSpec%` is the official mechanism for shell specification on Windows. We can, however, validate that it points to an absolute path, which one would expect for a properly set value. Secondly, a fallback to a relative `cmd.exe` path, resolved via `%PATH%`, could be risky. The risk is largely mitigated by changes in Go 1.19 and later, but prior to that a malicious `cmd.exe` could been resolved in the current working directory. To mitigate this issue, Mutagen now uses the `%SystemRoot%` environment variable (also validated to be an absolut...

GHSA-jj45-24rw-v6jw: Cross-site scripting in TotalJS

A stored cross-site scripting (XSS) vulnerability in TotalJS allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field in the settings module.

GHSA-3vp4-m3rf-835h: Improper input validation in github.com/gin-gonic/gin

Versions of the package github.com/gin-gonic/gin before 1.9.0 are vulnerable to Improper Input Validation by allowing an attacker to use a specially crafted request via the X-Forwarded-Prefix header, potentially leading to cache poisoning. **Note:** Although this issue does not pose a significant threat on its own it can serve as an input vector for other more impactful vulnerabilities. However, successful exploitation may depend on the server configuration and whether the header is used in the application logic.