Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-3fpv-54ff-wqfj: Deserialization of Untrusted Data in topthink/framework

The package topthink/framework before version 6.0.12 is vulnerable to Deserialization of Untrusted Data due to insecure `unserialize` method in the `Driver` class.

ghsa
#git
GHSA-6429-3g3w-6mw5: Uncaught Exception in bignum

All versions of the npm package bignum are vulnerable to Denial of Service (DoS) due to a type-check exception in V8. When verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks.

GHSA-qwqv-j7jr-4hp6: Argument injection in python-libnmap

In the python-libnmap package through 0.7.2 for Python, remote command execution can occur (if used in a client application that does not validate arguments).

GHSA-gchv-364h-r896: XML External Entity Reference in apache jena

A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities.

GHSA-g53g-q539-93cv: Server-Side Request Forgery in scout-browser

Pypi package scout-browser (GitHub repository clinical-genomics/scout) prior to v4.52 is vulnerable to server-side request forgery. An attacker could make the application perform arbitrary requests to steal cookies, request access to private areas, or lead to cross-site scripting.

GHSA-52rh-5rpj-c3w6: Improper handling of multiline messages in node-irc

node-irc is a socket wrapper for the IRC protocol that extends Node.js' EventEmitter. The vulnerability allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. Incorrect handling of a CR character allowed for making part of the message be sent to the IRC server verbatim rather than as a message to the channel. The vulnerability has been patched in node-irc version 1.2.1.

GHSA-jf66-3q76-h5p5: Tenant and Verifier might not use the same registrar data

Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because a not validated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier because the timing is easier and the verifier does not validate the regcount entry being equal to 1. At this time, there are no known workaround.

GHSA-m8gv-gvhf-7rhp: Cross-site Scripting in FacturaScripts

FacturaScripts versions 2022.06 and prior are vulnerable to reflected cross-site scripting attacks. This vulnerability can use arbitrarily executed javascript code to steal users' cookies, perform HTTP request, get content of `same origin` page, etc. A fix is available on the `master` branch of the GitHub repository and anticipated to be part of version 2022.07.

GHSA-6346-5r4h-ff5x: Microweber vulnerable to cross-site scripting (XSS)

Microweber is a drag and drop website builder and a powerful next generation CMS. Microweber versions 1.2.15 and prior are vulnerable to cross-site scripting. This could lead to injection of arbitrary JaveScript code, defacement of a page, or stealing cookies. A patch is available on the `master` branch of Microweber's GitHub repository.

GHSA-f23x-4gf4-m9ff: Cross-site Scripting in Microweber

Microweber prior to version 1.2.16 is vulnerable to cross-site scripting. This vulnerability allows an attacker to execute JavaScript as the victim.