The package simple-git before 3.15.0 is vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of CVE-2022-24066.
References
…
[GitPython] GitPython vulnerable to Remote Code Execution due to improper user input validation
All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible …
[simple-git] simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol
The package simple-git before 3.15.0 is vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of CVE-2022-24066.
References
…
[concrete5/concrete5] ConcreteCMS vulnerable to Xpath injection attacks
ConcreteCMS v9.1.3 was discovered to be vulnerable to Xpath injection attacks. This vulnerability allows attackers to access sensitive XML data via a crafted payload injected into the URL path folder “3”.
References
https://nvd.nist.gov/vuln/detail/CV…
[github.com/clastix/capsule] Capsule vulnerable to privilege escalation by ServiceAccount deployed in a Tenant Namespace
Capsule implements a multi-tenant and policy-based environment in a Kubernetes cluster. A ServiceAccount deployed in a Tenant Namespace, when granted with PATCH capabilities on its own Namespace, is able to edit it and remove the Owner Reference, break…
[github.com/prometheus/prometheus/v2] Prometheus vulnerable to basic authentication bypass
Impact
Prometheus can be secured by a web.yml file that specifies usernames and hashed passwords for basic authentication.
Passwords are hashed with bcrypt, which means that even if you have access to the hash, it is very hard to find the original pass…
[craftcms/cms] Craft CMS discloses password hashes
All Craft CMS versions between 3.0.0 and 3.7.32 disclose password hashes of users who authenticate using their E-Mail address or username in Anti-CSRF-Tokens. Craft CMS uses a cookie called CRAFT_CSRF_TOKEN and a HTML hidden field called CRAFT_CSRF_TOK…
[muhammara] muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer Dereference
Impact
The package muhammara before 2.6.2, from 3.0.0 and before 3.3.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be parsed.
Patches
It has been patched in 3.4.0 and ha…
[org.terasoluna.gfw:terasoluna-gfw-common] TERASOLUNA Server Framework vulnerable to ClassLoader manipulation
TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to ClassLoader manipulation due to using the old version of Spring Framework which contains the vulnerability. T…
[xblock-drag-and-drop-v2] XBlock vulnerable to Cross-Site Scripting (XSS)
Impact
XSS Vulnerability in multiple XBlock Fields. Any platform that has deployed the XBlock will be impacted.
Patches
https://github.com/openedx/xblock-drag-and-drop-v2/commit/53c4482f9bb6d8c7ccdf5253bd82c84a222b2492
The fix is compatible with all O…