Security
Headlines
HeadlinesLatestCVEs

Tag

#js

CVE-2022-43284: SEGV njs_scope.h:85:10 in njs_scope_valid_value · Issue #470 · nginx/njs

Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h.

CVE
Open in Source
#ubuntu#linux#js#nginx
CVE-2022-43286: Fixed JSON.parse() when reviver function is provided. · nginx/njs@2ad0ea2

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.

CVE-2022-43285: SEGV in njs_promise_reaction_job · Issue #533 · nginx/njs

Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job.

Threat Roundup for October 21 to October 28

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 21 and Oct. 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

CVE-2022-39366: Release DataHub v0.8.45 · datahub-project/datahub

DataHub is an open-source metadata platform. Prior to version 0.8.45, the `StatelessTokenService` of the DataHub metadata service (GMS) does not verify the signature of JWT tokens. This allows an attacker to connect to DataHub instances as any user if Metadata Service authentication is enabled. This vulnerability occurs because the `StatelessTokenService` of the Metadata service uses the `parse` method of `io.jsonwebtoken.JwtParser`, which does not perform a verification of the cryptographic token signature. This means that JWTs are accepted regardless of the used algorithm. This issue may lead to an authentication bypass. Version 0.8.45 contains a patch for the issue. There are no known workarounds.

CVE-2022-3741: Chatwoot's Misconfigured Rack_Attack.rb Does Not Appropriately Protect Against Brute Force Attacks in chatwoot

Impact varies for each individual vulnerability in the application. For generation of accounts, it may be possible, depending on the amount of system resources available, to create a DoS event in the server. These accounts still need to be activated; however, it is possible to identify the output Status Code to separate accounts that are generated and waiting for email verification. \n\nFor the sign in directories, it is possible to brute force login attempts to either login portal, which could lead to account compromise.

CVE-2022-39978: bug_report/RCE-1.md at main · z1pwn/bug_report

Online Pet Shop We App v1.0 was discovered to contain an arbitrary file upload vulnerability via the Editing function in the Product List module. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file uploaded through the picture upload point.

CVE-2022-0074: ols-dockerfiles/Dockerfile at master · litespeedtech/ols-dockerfiles

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1.

CVE-2022-0072: openlitespeed/httpserver.cpp at v1.7.16 · litespeedtech/openlitespeed

Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server Dashboard allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1

CVE-2022-42055: GL.iNET MT300N-V2 Vulnerabilities and Hardware Teardown

Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system.