ghsa

The function that calls the diff tool in versions of Diffy prior to 3.4.1 does not properly handle double quotes in a filename when run in a Windows environment. This allows attackers to execute arbitrary commands via a crafted string.

A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.

### Impact All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. ### Patches The problem has been patched in version 1.0.2. ### Workarounds There is no workaround besides upgrading. ### References The issue was originally reported in the react-letter repository: https://github.com/mat-sz/react-letter/issues/17 ### For more information If you have any questions or comments about this advisory: * Open an issue in [lettersanitizer](https://github.com/mat-sz/lettersanitizer/issues) * Email me at [[email protected]](mailto:[email protected])

### Impact A vulnerability in the logging of Weave GitOps could allow an authenticated remote attacker to view sensitive cluster configurations, aka KubeConfg, of registered Kubernetes clusters, including the service account tokens in plain text from Weave GitOps's pod logs on the management cluster. An unauthorized remote attacker can also view these sensitive configurations from external log storage if enabled by the management cluster. This vulnerability is due to the client factory dumping cluster configurations and their service account tokens when the cluster manager tries to connect to an API server of a registered cluster, and a connection error occurs. An attacker could exploit this vulnerability by either accessing logs of a pod of Weave GitOps, or from external log storage and obtaining all cluster configurations of registered clusters. A successful exploit could allow the attacker to use those cluster configurations to manage the registered Kubernetes clusters. ### Patch...

### Impact Passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub services. ### Patches It is fixed in 5c4177441417b44a6e45c3c63e9eac2504abeb5b , please update to this or the later versions as soon as possible. ### Credits @Rongronggg9 ### References A full report will be disclosed after 120 hours. ### For more information If you have any questions or comments about this advisory: * Open an issue in <https://github.com/DIYgod/RSSHub/issues> * Email us at [[email protected]](mailto:[email protected])

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18.

Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files.

Directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality, which allows a low privileged user to perform internal network port scans.

### Impact NVFLARE contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). The deserialization of Untrusted Data, may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity. All versions before 2.1.2 are affected. CVSS Score = 9.8 [AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvd.nist.gov%2Fvuln-metrics%2Fcvss%2Fv3-calculator%3Fvector%3DAV%3AN%2FAC%3AL%2FPR%3AN%2FUI%3AN%2FS%3AU%2FC%3AH%2FI%3AH%2FA%3AH&data=05%7C01%7Cchesterc%40nvidia.com%7Ce9600bde16854b0b380008da4fc544f7%7C43083d15727340c1b7db39efd9ccc17a%7C0%7C0%7C637910005925574215%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5kBrXEmAbqp8R31JCH%2FG95MUly72UPVihnBwiRFmvBY%3D&reserved=0) ### Patches The patch will be included in nvflare==2.1.2 ### Workarounds C...

### Impact NVFLARE contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity. All versions before 2.1.2 are affected. CVSS Score = 9.8 [AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvd.nist.gov%2Fvuln-metrics%2Fcvss%2Fv3-calculator%3Fvector%3DAV%3AN%2FAC%3AL%2FPR%3AN%2FUI%3AN%2FS%3AU%2FC%3AH%2FI%3AH%2FA%3AH&data=05%7C01%7Cchesterc%40nvidia.com%7Ce9600bde16854b0b380008da4fc544f7%7C43083d15727340c1b7db39efd9ccc17a%7C0%7C0%7C637910005925574215%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5kBrXEmAbqp8R31JCH%2FG95MUly72UPVihnBwiRFmvBY%3D&reserved=0) ### Patches The patch will be included in nvflare==2.1.2...