Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-73pr-g6jj-5hc9: Externally Controlled Reference to a Resource in Another Sphere in ruby-mysql

A malicious actor can read arbitrary files from a client that uses ruby-mysql to communicate to a rogue MySQL server and issue database queries. In these cases, the server has the option to create a database reply using the LOAD DATA LOCAL statement, which instructs the client to provide additional data from a local file readable by the client (and not a "local" file on the server).

ghsa
Open in Source
#sql#git#ruby
GHSA-pf6p-25r2-fx45: Server-Side Request Forgery in dompdf/dompdf

Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0.

GHSA-ww3v-6xjf-jv28: Uncontrolled Resource Consumption in Spray JSON

Recursive decent parsers are susceptible too StackOverflowExceptions on too deeply nested structures as currently "open" parsing state is kept on the stack.

GHSA-cgrj-xjm7-9q27: Open redirect in web2py

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL.

GHSA-q6wq-5p59-983w: Cross site scripting in parse-url

Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 6.0.1

GHSA-7f3x-x4pr-wqhj: Server-Side Request Forgery in parse-url

Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.

GHSA-jpp7-7chh-cf67: Cross site scripting in parse-url

Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.

GHSA-4p35-cfcx-8653: Hostname confusion in parse-url

Exposure of Sensitive Information to an Unauthorized Actor via hostname confusion in GitHub repository ionicabizau/parse-url prior to 6.0.1

GHSA-fpxm-fprw-6hxj: Salt's PAM auth fails to reject locked accounts

An issue was discovered in SaltStack Salt in versions before 3002.9, 3003.5, 3004.2. PAM auth fails to reject locked accounts, which allows a previously authorized user whose account is locked still run Salt commands when their account is locked. This affects both local shell accounts with an active session and salt-api users that authenticate via PAM eauth.

GHSA-8f4f-v9x5-cg6j: CloudCore UDS Server: Malicious Message can crash CloudCore

### Impact A malicious message can crash CloudCore by triggering a null-pointer dereference in the UDS Server. Since the UDS Server only communicates with the CSI Driver on the cloud side, the attack is limited to the local host network. As such, an attacker would already need to be an authenticated user of the Cloud. It will be affected only when users turn on the unixsocket switch in the config file `cloudcore.yaml` as below: ``` modules: cloudHub: ... unixsocket: address: xxx enable: true ``` ### Patches This bug has been fixed in Kubeedge 1.11.0, 1.10.1, and 1.9.3. Users should update to these versions to resolve the issue. ### Workarounds Disable the unixsocket switch of CloudHub in the config file `cloudcore.yaml`. ### References NA ### Credits Thanks David Korczynski and Adam Korczynski of ADA Logics for responsibly disclosing this issue in accordance with the [kubeedge security policy](https://github.com/kubeedge/kubeedge/security/policy) during a se...