SWHKD is a display protocol-independent hotkey daemon made in Rust. In SWHKD versions 1.1.5 and prior, SWHKD uses the /tmp/swhkd.pid pathname. As /tmp is accessible to all users, there can be an information leak or denial of service. No known workaroun…
[apache-dolphinscheduler] Uncontrolled Resource Consumption in Apache DolphinScheduler
Apache DolphinScheduler user registration is vulnerable to Regular expression Denial of Service (ReDoS) attacks. Apache DolphinScheduler users should upgrade to version 2.0.5 or higher.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-25598
https://l…
[snipe/snipe-it] Old sessions not blocked by login enable function in Snipe-IT
Snipe-IT is a FOSS project for asset management in IT Operations. In Snipe-IT versions 5.4.1 and 6.0.0-RC-5 and prior, active sessions are not revoked when a user account is disabled, allowing that user to still access information that they should no l…
[puma] HTTP Request Smuggling in puma
When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the fr…
[C1CMS.Assemblies] Server side request forgery in C1 CMS
C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arbitrary GET requests to other servers in the local ne…
[com.shopizer:shopizer] Cross site scripting in Shopizer
A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions v2.0.2 through v2.17.0 via the “Manage Images” tab, which allows an attacker to upload an SVG file containing malicious JavaScript code.
References
https://nvd.nist.gov/vuln/…
[org.jvnet.hudson.plugins:instant-messaging] Plaintext storage in Jenkins instant-messaging Plugin
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access…
[org.jenkins-ci.plugins:flaky-test-handler] XXE vulnerability in Jenkins Flaky Test Handler Plugin
Jenkins Flaky Test Handler Plugin 1.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-28140
https://www.jenkins.io/security/advisory/2022-03-29/#SECURIT…
[deno] Sandbox bypass leading to arbitrary code execution in Deno
Impact
The versions of Deno between release 1.18.0 and 1.20.2 (inclusive) are vulnerable to an attack where a malicious actor controlling the code executed in a Deno runtime could bypass permission checks and execute arbitrary shell code.
There is no e…
[horovod] Use of insecure temporary file in Horovod
Impact
The insecure tempfile.mktemp() is used when Horovod is run in an LSF job with jsrun. In that situation, a jsrun rank file is created with mktemp, which could be hijacked by another process to read or manipulate the content.
This issue does not i…