Impact
The gatsby-plugin-mdx plugin prior to versions 3.15.2 and 2.14.1 passes input through to the gray-matter npm package, which is vulnerable to JavaScript injection in its default configuration, unless input is sanitized. The vulnerability is pres…
[com.typesafe.play:play_2.12] Dev error stack trace leaking into prod in Play Framework
Impact
Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Play does this by configuring its DefaultHttpErrorHandler to do so based on the application mode. In its Scala API Play also provi…
[com.typesafe.play:play_2.13] Denial of service binding form from JSON in Play Framework
Impact
A denial-of-service vulnerability has been discovered in Play’s forms library, in both the Scala and Java APIs. This can occur when using either the Form#bindFromRequest method on a JSON request body or the Form#bind method directly on a JSON va…
[github.com/blevesearch/bleve] Missing Role Based Access Control for the REST handlers in bleve/http package
Impact
What kind of vulnerability is it? Who is impacted?
Bleve includes HTTP utilities under the bleve/http package, which are used by its sample application.
(https://github.com/blevesearch/bleve-explorer)
These HTTP methods pave the way for exploitation of…
[gogs.io/gogs] Server-Side Request Forgery in gogs webhook
Impact
A malicious user is able to discover services in the internal network through the webhook functionality. All installations accepting public traffic are affected.
Patches
Webhook payload URLs are revalidated before each delivery to make sure they a…
[bottle] Denial of service in bottle
Bottle before 0.12.20 mishandles errors during early request binding.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-31799
https://github.com/bottlepy/bottle/commit/a2b0ee6bb4ce88895429ec4aca856616244c4c4c
https://github.com/bottlepy/bottle/comm…
[net.mingsoft:ms-mcms] Code injection in MCMS
An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-30506
https://gitee.com/mingSoft/MCMS/issues/I56AID
ht…
[SSCMS] Cross site scripting in SSCMS
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).
References
https://nvd.nist.gov/vuln/detail/CVE-2022-30349
https://github.com/siteserver/cms/issues/3238
https://github.com/advisories/GHSA-4qf6-vpj8-p4r6
[github.com/hashicorp/nomad] Privilege escalation in Hashicorp Nomad
HashiCorp Nomad and Nomad Enterprise versions 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation, through the artifact stanza in submitted jobs, onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1.
Referen…
[flower] Authorization bypass in Flower
Flower, a web UI for the Celery Python RPC framework, in all versions as of 05-02-2022, is vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke arbitrary Celery RPC calls or deny service by shutt…