Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-p7wj-c85f-xq9h: Answer has Cross-site Scripting vulnerability

Cross-site Scripting (XSS) - DOM in GitHub repository answerdev/answer prior to 1.0.4.

ghsa
Open in Source
#xss#vulnerability#git
GHSA-4cwh-8w4g-jxxh: Answer contains Improper Access Control vulnerability

Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4.

GHSA-qx34-47fc-vv79: Answer vulnerable to Race Condition

Race Condition in Switch in GitHub repository answerdev/answer prior to 1.0.4.

GHSA-74fp-r6jw-h4mp: Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON parsing

Unbounded recursion in JSON parsing allows malicious JSON input to cause excessive memory consumption or panics.

GHSA-2qxp-xmx6-cq4f: Cross-Site Request Forgery (CSRF) in wallabag/wallabag

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.5.4.

GHSA-3x2c-87cq-qx49: Cross-site Scripting (XSS) in wallabag/wallabag

Cross-site Scripting (XSS) - Stored in GitHub repository wallabag/wallabag prior to 2.5.4.

GHSA-p4g4-wgrh-qrg2: Improper Input Validation in etcd

### Vulnerability type Data Validation ### Detail The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL. ### References Find out more on this vulnerability in the [security audit report](https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf) ### For more information If you have any questions or comments about this advisory: * Contact the [etcd security committee](https://github.com/etcd-io/etcd/blob/master/security/security-release-process.md#product-security-committee-psc)

GHSA-9xm8-8qvc-vw3p: Denial of Service in dhowden/tag

dhowden tag before 0.0.0-20201120070457-d52dcb253c63 allows `panic: runtime error: index out of range` via readPICFrame.

GHSA-xhjq-w7xm-p8qj: Go SSH library vulnerable to Man-in-the-Middle attacks

The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism.

GHSA-26f8-x7cc-wqpc: Apache Kafka Connect vulnerable to Deserialization of Untrusted Data

A possible security vulnerability has been identified in Apache Kafka Connect. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka Connect clusters since Apache Kafka 2.3.0. When configuring the connector via the Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector's Kafka clients to "com.sun.security.auth.module.JndiLoginModule", which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerabili...