Impact
XWiki Crypto API will generate X509 certificates signed by default using SHA1 with RSA, which is not considered safe anymore for use in certificate signatures, due to the risk of collisions with SHA1.
Note that this API is never used in XWiki St…
[github.com/argoproj/argo-cd] Login screen allows message spoofing if SSO is enabled
Impact
A vulnerability was found in Argo CD that allows an attacker to spoof error messages on the login screen when SSO is enabled.
In order to exploit this vulnerability, an attacker would have to trick the victim into visiting a specially crafted URL whi…
[org.apache.maven.shared:maven-shared-utils] Command injection in Apache Maven maven-shared-utils
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-29599
https://github.com/ap…
[publify_core] Improper Access Control in publify
Prior to 9.2.9, a low-privileged user can modify and delete admin articles just by changing the value of the article[id] parameter.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1810
https://github.com/publify/publify/commit/c0aba87844d1e47da50c…
[publify_core] Cross site scripting in publify
Unrestricted file upload allowed the attacker to manipulate the request and bypass the protection of HTML files using a text file. Stored XSS may be obtained.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1811
https://github.com/publify/publify…
[com.xuxueli:xxl-job] Cross-Site Request Forgery in XXL-Job
A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-29002
https://github.com/xuxueli/xxl-j…
[nokogiri] Improper Handling of Unexpected Data Type in Nokogiri
Summary
Nokogiri < v1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers. For CRuby users, this may allow specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory.
Severit…
[github.com/argoproj/argo-cd/v2] Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server
Impact
All unpatched versions of Argo CD starting with v0.7.0 are vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive files from Argo CD’s repo-server.
A malicious Argo CD user with write acces…
[hawk] Uncontrolled Resource Consumption in Hawk
Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk…
[matrix-appservice-irc] Improper handling of multiline messages in node-irc affects matrix-appservice-irc
matrix-appservice-irc provides an IRC bridge for Matrix. The vulnerability in node-irc allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. The vulnerability has been patched …