Security
Headlines
HeadlinesLatestCVEs

Tag

#git

GHSA-mv77-fj63-q5w8: Stored XSS vulnerability in Jenkins GitHub Plugin

Jenkins GitHub Plugin 1.37.3 and earlier does not escape the GitHub project URL on the build page when showing changes, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

ghsa
Open in Source
#xss#vulnerability#git
GHSA-54f6-9mx9-86f7: SaToken privilege escalation vulnerability

An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.

GHSA-w9vh-hv5g-7wmr: SaToken authentication bypass vulnerability

An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass.

GHSA-fgq9-fc3q-vqmw: dom4j XML Entity Expansion vulnerability

An issue in dom4.j org.dom4.io.SAXReader v.2.1.4 and before allows a remote attacker to obtain sensitive information via the setFeature function.

GHSA-7g24-qg88-p43q: jose4j uses weak cryptographic algorithm

jose4j before v0.9.3 allows attackers to set a low PBES2 iteration count of 1000 or less.

GHSA-mx47-h5fv-ghwh: light-oauth2 missing public key verification

light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.

GHSA-3j2f-58rq-g6p7: Sureness uses hardcoded key

Dromara Sureness before v1.0.8 was discovered to use a hardcoded key.

CVE-2023-46316: CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines.

CVE-2023-5752: Mailman 3 [CVE-2023-5752] Mercurial configuration injectable in repo revision when installing via pip - Security-announce

When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.

CVE-2023-46136: Merge 3.0.x (#2801) · pallets/werkzeug@f3c803b

Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. This vulnerability has been patched in version 3.0.1.