Archivos anuales: 2024

Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header.

In Roundup before 2.4.0, classhelpers (_generic.help.html) allow XSS.

Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function.

Cross Site Scripting vulnerability in ACG-faka v1.1.7 allows a remote attacker to execute arbitrary code via the encode parameter in Index.php.

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition versions before 128104, from 128151 before 128238, from 128247 before 128250 are vulnerable to Stored XSS vulnerability in reports module.

NATO NCI ANET 3.4.1 allows Insecure Direct Object Reference via a modified ID field in a request for a private draft report (that belongs to an arbitrary user).

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. IBM X-Force ID: 265507.

vodozemac is an open source implementation of Olm and Megolm in pure Rust. Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and `PkDecryption` Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. The use of a non-constant time base64 implementation might allow an attacker to observe timing variations in the encoding and decoding operations of the secret key material. This could potentially provide insights into the underlying secret key material. The impact of this vulnerability is considered low because exploiting the attacker is required to have access to high precision timing measurements, as well as repeated access to the base64 encoding or decoding processes. Additionally, the estimated leakage amount is bounded and low according to the referenced paper. This has been patched in commit 734b6c6948d4b2bdee3dd8b4efa591d93a61d272 which has been included in release version 0.7.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Gotenberg provides a developer-friendly API to interact with powerful tools like Chromium and LibreOffice for converting numerous document formats (HTML, Markdown, Word, Excel, etc.) into PDF files, and more! Prior to version 8.1.0, the default value for the flag `–chromium-deny-list` allowed to display some internal files from the Gotenberg container. Version 8.1.0 provides a new default value fixing the issue. Prior to version 8.1.0, Gotenberg uses the standard `regexp` Go library, which does not support negative lookahead. Therefore, the new default value for the `–chromium-deny-list` is not applicable. However, one could find an alternative using either or both `–chromium-deny-list` and `–chromium-allow-list` flags. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Steeltoe is an open source project that provides a collection of libraries that helps users build production-grade cloud-native applications using externalized configuration, service discovery, distributed tracing, application management, and more. When utilizing multiple Eureka server service URLs with basic auth and encountering an issue with fetching the service registry, an error is logged with the Eureka server service URLs but only the first URL is masked. The code in question is `_logger.LogError(e, "FetchRegistry Failed for Eureka service urls: {EurekaServerServiceUrls}", new Uri(ClientConfig.EurekaServerServiceUrls).ToMaskedString());` in the `DiscoveryClient.cs` file which may leak credentials into logs. This issue has been addressed in version 3.2.8 of the Steeltoe.Discovery.Eureka nuget package.