
TechMedia

Category

MODERATE

588 Posts

Featured

Posted by Wpmaster
[vitess.io/vitess] vitess allows users to create keyspaces that can deny access to already existing keyspaces
Posted by Wpmaster
[github.com/answerdev/answer] Answer vulnerable to account takeover because password reset links do not expire
Posted by Wpmaster
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to improper access control
Posted by Wpmaster
[thorsten/phpmyfaq] thorsten/phpmyfaq vulnerable to stored cross-site scripting (XSS) via updatecategory parameter

[org.jenkins-ci.main:cavisson-ns-nd-integration] SSL/TLS certificate validation unconditionally disabled by Jenkins NS-ND Integration Performance Publisher Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 11/16/2022 12/16/2022

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and earlier unconditionally disables SSL/TLS certificate and hostname validation for several features. Currently, there are no known workarounds or patches.
References

https://nvd.nist.g…

[org.yaml:snakeyaml] Snakeyaml vulnerable to Stack overflow leading to denial of service

  • Posted in MODERATE
  • Posted by Wpmaster
  • 11/12/2022 12/15/2022

Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may…

[wasmtime] Wasmtime out of bounds read/write with zero-memory-pages configuration

  • Posted in MODERATE
  • Posted by Wpmaster
  • 11/11/2022 11/15/2022

Impact
There is a bug in Wasmtime’s implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration the virtual memory mapping for WebAssembly memo…

[cleo] cleo is vulnerable to Regular Expression Denial of Service (ReDoS)

  • Posted in MODERATE
  • Posted by Wpmaster
  • 11/10/2022 11/29/2022

An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo PyPI package, when an attacker is able to supply arbitrary input to the Table.set_rows method.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-42966
https://…

[io.github.talelin:lin-cms-core] Lin CMS vulnerable to Improper Authentication

  • Posted in MODERATE
  • Posted by Wpmaster
  • 11/10/2022 12/20/2022

An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-44244
https://gist.github.com/cai-niao98/58c97899695488bd73a73d56adf44c4c
https://github.co…

[lzf] Invalid use of `mem::uninitialized` causes `use-of-uninitialized-value`

  • Posted in MODERATE
  • Posted by Wpmaster
  • 11/09/2022 11/09/2022

The compression and decompression functions used `mem::uninitialized` to create an array of uninitialized values, to later write values into it. This later leads to reads from uninitialized memory.
The flaw was corrected in commit b633bf265e41c60dfce3be7ea…

[ckb] ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low.

  • Posted in MODERATE
  • Posted by Wpmaster
  • 11/03/2022 11/03/2022

Impact
When a transaction contains a dep group with many cells, the resources required to process it are not linear to the transaction size nor spent script cycles.
Patches
In 0.43.3, nodes drop the transactions relayed to them when they contain a dep…

[org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view] Jenkins Pipeline: Stage View Plugin allows CSRF protection bypass of any target URL in Jenkins

  • Posted in MODERATE
  • Posted by Wpmaster
  • 10/20/2022 02/01/2023

Jenkins Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of input steps when using it to generate URLs to proceed or abort Pipeline builds, allowing attackers able to configure Pipelines to specify input step IDs resulting …

[nokogiri] Update bundled libxml2 to v2.10.3 to resolve multiple CVEs

  • Posted in MODERATE
  • Posted by Wpmaster
  • 10/19/2022 10/19/2022

Summary
Nokogiri v1.13.9 upgrades the packaged version of its dependency libxml2 to v2.10.3 from v2.9.14.
libxml2 v2.10.3 addresses the following known vulnerabilities:

CVE-2022-2309
CVE-2022-40304
CVE-2022-40303

Please note that this advisory only a…

[fat_free_crm] Fat Free CRM vulnerable to Remote Denial of Service via Tasks endpoint

  • Posted in MODERATE
  • Posted by Wpmaster
  • 10/08/2022 10/20/2022

Impact
An authenticated user can perform a remote Denial of Service attack against Fat Free CRM.
This vulnerability has been assigned the CVE identifier: CVE-2022-39281
Affected versions: All
Not affected: None
Fixed versions: 0.20.1
All users running …
