Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the repo package that can cause a segmentation violation. Applications that use functions from the repo package in the Helm SDK can have a Denial of Service attack …
[helm.sh/helm/v3] Helm vulnerable to denial of service through string value parsing
Fuzz testing, by Ada Logics and sponsored by the CNCF, identified input to functions in the strvals package that can cause a stack overflow. In Go, a stack overflow cannot be recovered from. Applications that use functions from the strvals package in t…
[tendermint-light-client-verifier] Tendermint light client verification not taking into account chain ID
Impact
Anyone using the tendermint-light-client and related packages to perform light client verification (e.g. IBC-rs, Hermes).
At present, the light client does not check that the chain IDs of the trusted and untrusted headers match, resulting in a p…
[collective.dms.basecontent] collective.dms.basecontent Cross-site Scripting vulnerability
A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent. This issue affects the function renderCell of the file src/collective/dms/basecontent/browser/column.py. The manipulation leads to cross-site scripting….
[github.com/csaf-poc/csaf_distribution] csaf-poc/csaf_distribution Cross-site Scripting vulnerability
The csaf_provider package before 0.8.2 allows XSS via a crafted CSAF document uploaded as text/html. The endpoint upload allows valid CSAF advisories (JSON format) to be uploaded with Content-Type text/html and filenames ending in .html. When subsequen…
[org.keycloak:keycloak-parent] Keycloak vulnerable to session takeover with OIDC offline refreshtokens
An issue was discovered in Keycloak when using a client with the offline_access scope. Reuse of session ids across root and user authentication sessions and a lack of root session validation enabled attackers to resolve a user session attached to a dif…
[rails-html-sanitizer] Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Summary
There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This is due to an incomplete fix of CVE-2022-32209.
Versions affected: ALL
Not affected: NONE
Fixed versions: 1.4.4
Impact
A possible XSS vulnerabili…
[rails-html-sanitizer] Possible XSS vulnerability with certain configurations of rails-html-sanitizer
Summary
There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.
Versions affected: ALL
Not affected: NONE
Fixed versions: 1.4.4
Impact
A possible XSS vulnerability with certain configurations of Rails::Html::Sanit…
[rails-html-sanitizer] Improper neutralization of data URIs may allow XSS in rails-html-sanitizer
Summary
rails-html-sanitizer >= 1.0.3, < 1.4.4 is vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0.
Mitigation
Upgrade to rails-html-sanitizer >= 1.4.4.
Severity
The maintainers have evaluated t…
[loofah] Improper neutralization of data URIs may allow XSS in Loofah
Summary
Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs.
Mitigation
Upgrade to Loofah >= 2.19.1.
Severity
The Loofah maintainers have evaluated this as Medium Severity 6.1.
Referenc…