ghsa

thorsten/phpmyfaq prior to 3.1.14 is vulnerable to a stored cross-site scripting attack perpetuated by an actor logged in as admin.

### Summary Insecure 3DES ciphers are used which may lead to exploitation of the [Sweet32 vulnerability](https://sweet32.info/). Specifically, the ciphers TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) and TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) are allowed. See CVE-2016-2183. This is fixed in Kyverno v1.9.5 and v1.10.0 and no known users have been affected. ### Details The ciphers in affected versions can be read using the following command which uses `nmap`: ```sh $ kubectl exec -it mypod -n kyverno sh kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead. **nmap -sV --script ssl-enum-ciphers -p 443 kyverno-cleanup-controller** or **nmap -sV --script ssl-enum-ciphers -p 443 kyverno-svc** Starting Nmap 7.92 ( https://nmap.org ) at 2023-05-26 10:55 UTC Nmap scan report for kyverno-cleanup-controller (10.103.199.233) Host is up (0.000058s latency). rDNS record for 10.103.199.233: kyverno-cleanup-controller...

### Impact On Linux the `sccache` client can execute arbitrary code with the privileges of a local `sccache` server, by preloading the code in a shared library passed to `LD_PRELOAD`. If the server is run as root (which is the default when installing the [snap package](https://snapcraft.io/sccache)), this means a user running the `sccache` client can get root privileges. ### Patches Upgrade to 0.4.0 ### Workarounds Don't run sccache server as root. ### GitHub Security Lab number GHSL-2023-046

A remote attacker can trigger a denial of service in the `socket.remoteAddress` variable, by sending a crafted HTTP request. Usage of the undefined variable raises a TypeError exception.

A vulnerability, which was classified as problematic, has been found in Abstrium Pydio Cells 4.2.0. This issue affects some unknown processing of the component Chat. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. Upgrading to version 4.2.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-230213 was assigned to this vulnerability.

A vulnerability was found in Abstrium Pydio Cells 4.2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Change Subscription Handler. The manipulation leads to authorization bypass. Upgrading to version 4.2.1 is able to address this issue. It is recommended to upgrade the affected component. VDB-230210 is the identifier assigned to this vulnerability.

Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3.

In Moov signedxml through 1.0.0, parsing the raw XML (as received) can result in different output than parsing the canonicalized XML. Thus, signature validation can be bypassed via a Signature Wrapping attack (aka XSW).

Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.

xml_security.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used.