Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2022-2368
Vulnerability from csaf_certbund
Published
2022-12-19 23:00
Modified
2023-01-09 23:00
Summary
HCL BigFix: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
BigFix ist eine Lösung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.
Angriff
Ein Angreifer kann mehrere Schwachstellen in HCL BigFix ausnutzen, um die Verfügbarkeit, die Vertraulichkeit und die Integrität zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "BigFix ist eine L\u00f6sung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in HCL BigFix ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-2368 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2368.json" }, { "category": "self", "summary": "WID-SEC-2022-2368 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2368" }, { "category": "external", "summary": "IBM Security Bulletin 6853623 vom 2023-01-09", "url": "https://www.ibm.com/support/pages/node/6853623" }, { "category": "external", "summary": "HCL Security Bulletin KB0102049 vom 2022-12-17", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102049" }, { "category": "external", "summary": "HCL Security Bulletin vom 2022-12-19", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102168" }, { "category": "external", "summary": "HCL Security Bulletin vom 2022-12-19", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102140" } ], "source_lang": "en-US", "title": "HCL BigFix: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-09T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:07:21.053+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-2368", "initial_release_date": "2022-12-19T23:00:00.000+00:00", "revision_history": [ { "date": "2022-12-19T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2022-12-28T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von HCL aufgenommen" }, { "date": "2023-01-09T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "HCL BigFix", "product": { "name": "HCL BigFix", "product_id": "T017494", "product_identification_helper": { "cpe": "cpe:/a:hcltech:bigfix:-" } } }, { "category": "product_name", "name": "HCL BigFix \u003c 10.0.8\u00a0", "product": { "name": "HCL BigFix \u003c 10.0.8\u00a0", "product_id": "T025721", "product_identification_helper": { "cpe": "cpe:/a:hcltech:bigfix:10.0.8" } } }, { "category": "product_name", "name": "HCL BigFix \u003c 9.5.21", "product": { "name": "HCL BigFix \u003c 9.5.21", "product_id": "T025722", "product_identification_helper": { "cpe": "cpe:/a:hcltech:bigfix:9.5.21" } } } ], "category": "product_name", "name": "BigFix" } ], "category": "vendor", "name": "HCL" }, { "branches": [ { "category": "product_name", "name": "IBM License Metric Tool", "product": { "name": "IBM License Metric Tool", "product_id": "T016581", "product_identification_helper": { "cpe": "cpe:/a:ibm:license_metric_tool:-" } } } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-44756", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-44756" }, { "cve": "CVE-2022-42454", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-42454" }, { "cve": "CVE-2022-42448", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-42448" }, { "cve": "CVE-2022-39299", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-39299" }, { "cve": "CVE-2022-38655", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-38655" }, { "cve": "CVE-2022-37616", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-37616" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-31160", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-31160" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-25896", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-25896" }, { "cve": "CVE-2022-25887", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2022-25887" }, { "cve": "CVE-2021-41184", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2021-41184" }, { "cve": "CVE-2021-41183", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2021-41183" }, { "cve": "CVE-2021-41182", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2021-41182" }, { "cve": "CVE-2021-32014", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2021-32014" }, { "cve": "CVE-2021-32013", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2021-32013" }, { "cve": "CVE-2021-32012", "notes": [ { "category": "description", "text": "In HCL BigFix existieren mehrere Schwachstellen. Diese sind sowohl im Quellcode als auch in Open-Source-Komponenten zu finden. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Verf\u00fcgbarkeit, die Vertraulichkeit und die Integrit\u00e4t zu gef\u00e4hrden." } ], "product_status": { "known_affected": [ "T016581", "T025722", "T025721", "T017494" ] }, "release_date": "2022-12-19T23:00:00Z", "title": "CVE-2021-32012" } ] }
cve-2022-31129
Vulnerability from cvelistv5
Published
2022-07-06 00:00
Modified
2024-08-03 07:11
Severity ?
EPSS score ?
Summary
moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:11:39.222Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" }, { "tags": [ "x_transferred" ], "url": "https://github.com/moment/moment/pull/6015#issuecomment-1152961973" }, { "tags": [ "x_transferred" ], "url": "https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3" }, { "tags": [ "x_transferred" ], "url": "https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/" }, { "name": "FEDORA-2022-85aa8e5706", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/" }, { "name": "FEDORA-2022-35b698150c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/" }, { "name": "FEDORA-2022-b9ef7c3c3c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/" }, { "name": "FEDORA-2022-798fd95813", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20221014-0003/" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "moment", "vendor": "moment", "versions": [ { "status": "affected", "version": " \u003e= 2.18.0, \u003c 2.29.4" } ] } ], "descriptions": [ { "lang": "en", "value": "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-01-31T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/moment/moment/security/advisories/GHSA-wc69-rhjr-hc9g" }, { "url": "https://github.com/moment/moment/pull/6015#issuecomment-1152961973" }, { "url": "https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3" }, { "url": "https://huntr.dev/bounties/f0952b67-f2ff-44a9-a9cd-99e0a87cb633/" }, { "name": "FEDORA-2022-85aa8e5706", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/" }, { "name": "FEDORA-2022-35b698150c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/" }, { "name": "FEDORA-2022-b9ef7c3c3c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWY24RJA3SBJGA5N4CU4VBPHJPPPJL5O/" }, { "name": "FEDORA-2022-798fd95813", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZMX5YHELQVCGKKQVFXIYOTBMN23YYSRO/" }, { "url": "https://security.netapp.com/advisory/ntap-20221014-0003/" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html" } ], "source": { "advisory": "GHSA-wc69-rhjr-hc9g", "discovery": "UNKNOWN" }, "title": "Inefficient Regular Expression Complexity in moment" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31129", "datePublished": "2022-07-06T00:00:00", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T07:11:39.222Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-31160
Vulnerability from cvelistv5
Published
2022-07-20 00:00
Modified
2024-08-03 07:11
Severity ?
EPSS score ?
Summary
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( "refresh" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T07:11:39.646Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-h6gj-6jjq-h8g9" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/commit/8cc5bae1caa1fcf96bf5862c5646c787020ba3f9" }, { "tags": [ "x_transferred" ], "url": "https://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released/" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-contrib-2022-052" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220909-0007/" }, { "name": "FEDORA-2022-22d8ba36d0", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB2FJQXCNHO32VGVOC6DY6IPGVE4VDU6/" }, { "name": "FEDORA-2022-1a01ed37e2", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XBR3G3JR5ZIOJDO4224M3INXDS2VFDD/" }, { "name": "FEDORA-2022-7291b78111", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5LGNTICB5BRFAG3DHVVELS6H3CZSQMO/" }, { "name": "[debian-lts-announce] 20221207 [SECURITY] [DLA 3230-1] jqueryui security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00015.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "jquery-ui", "vendor": "jquery", "versions": [ { "status": "affected", "version": "\u003c 1.13.2" } ] } ], "descriptions": [ { "lang": "en", "value": "jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( \"refresh\" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-07T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-h6gj-6jjq-h8g9" }, { "url": "https://github.com/jquery/jquery-ui/commit/8cc5bae1caa1fcf96bf5862c5646c787020ba3f9" }, { "url": "https://blog.jqueryui.com/2022/07/jquery-ui-1-13-2-released/" }, { "url": "https://www.drupal.org/sa-contrib-2022-052" }, { "url": "https://security.netapp.com/advisory/ntap-20220909-0007/" }, { "name": "FEDORA-2022-22d8ba36d0", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB2FJQXCNHO32VGVOC6DY6IPGVE4VDU6/" }, { "name": "FEDORA-2022-1a01ed37e2", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XBR3G3JR5ZIOJDO4224M3INXDS2VFDD/" }, { "name": "FEDORA-2022-7291b78111", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5LGNTICB5BRFAG3DHVVELS6H3CZSQMO/" }, { "name": "[debian-lts-announce] 20221207 [SECURITY] [DLA 3230-1] jqueryui security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00015.html" } ], "source": { "advisory": "GHSA-h6gj-6jjq-h8g9", "discovery": "UNKNOWN" }, "title": "jQuery UI contains potential XSS vulnerability when refreshing a checkboxradio with an HTML-like initial text label" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-31160", "datePublished": "2022-07-20T00:00:00", "dateReserved": "2022-05-18T00:00:00", "dateUpdated": "2024-08-03T07:11:39.646Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-37616
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 10:29
Severity ?
EPSS score ?
Summary
A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states "we are in the process of marking this report as invalid"; however, some third parties takes the position that "A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T10:29:21.029Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/issues/436" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-9pgh-qqpf-7wqj" }, { "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3154-1] node-xmldom security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00023.html" }, { "tags": [ "x_transferred" ], "url": "https://dl.acm.org/doi/abs/10.1145/3488932.3497769" }, { "tags": [ "x_transferred" ], "url": "https://dl.acm.org/doi/pdf/10.1145/3488932.3497769" }, { "tags": [ "x_transferred" ], "url": "http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826" }, { "tags": [ "x_transferred" ], "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1327776560" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A prototype pollution vulnerability exists in the function copy in dom.js in the xmldom (published as @xmldom/xmldom) package before 0.8.3 for Node.js via the p variable. NOTE: the vendor states \"we are in the process of marking this report as invalid\"; however, some third parties takes the position that \"A prototype injection/Prototype pollution is not just when global objects are polluted with recursive merge or deep cloning but also when a target object is polluted.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-29T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L1" }, { "url": "https://github.com/xmldom/xmldom/blob/bc36efddf9948aba15618f85dc1addfc2ac9d7b2/lib/dom.js#L3" }, { "url": "https://github.com/xmldom/xmldom/issues/436" }, { "url": "https://github.com/xmldom/xmldom/security/advisories/GHSA-9pgh-qqpf-7wqj" }, { "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3154-1] node-xmldom security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00023.html" }, { "url": "https://dl.acm.org/doi/abs/10.1145/3488932.3497769" }, { "url": "https://dl.acm.org/doi/pdf/10.1145/3488932.3497769" }, { "url": "http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf" }, { "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826" }, { "url": "https://github.com/xmldom/xmldom/issues/436#issuecomment-1327776560" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-37616", "datePublished": "2022-10-11T00:00:00", "dateReserved": "2022-08-08T00:00:00", "dateUpdated": "2024-08-03T10:29:21.029Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-32012
Vulnerability from cvelistv5
Published
2021-07-19 13:20
Modified
2024-08-03 23:17
Severity ?
EPSS score ?
Summary
SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 1 of 2).
References
▼ | URL | Tags |
---|---|---|
https://sheetjs.com/pro | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/ | x_refsource_MISC | |
https://www.npmjs.com/package/xlsx/v/0.17.0 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:17:27.886Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sheetjs.com/pro" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 1 of 2)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-07T14:42:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://sheetjs.com/pro" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-32012", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 1 of 2)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://sheetjs.com/pro", "refsource": "MISC", "url": "https://sheetjs.com/pro" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/", "refsource": "MISC", "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "name": "https://www.npmjs.com/package/xlsx/v/0.17.0", "refsource": "MISC", "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-32012", "datePublished": "2021-07-19T13:20:01", "dateReserved": "2021-05-03T00:00:00", "dateUpdated": "2024-08-03T23:17:27.886Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-41184
Vulnerability from cvelistv5
Published
2021-10-26 00:00
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:08:31.291Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280" }, { "name": "FEDORA-2021-51c256bf87", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/" }, { "name": "FEDORA-2021-ab38307fc3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/" }, { "name": "FEDORA-2021-013ab302be", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211118-0004/" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-core-2022-001" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-09" }, { "name": "FEDORA-2022-9d655503ea", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/" }, { "name": "FEDORA-2022-bf18450366", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "jquery-ui", "vendor": "jquery", "versions": [ { "status": "affected", "version": "\u003c 1.13.0" } ] } ], "descriptions": [ { "lang": "en", "value": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/" }, { "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327" }, { "url": "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280" }, { "name": "FEDORA-2021-51c256bf87", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/" }, { "name": "FEDORA-2021-ab38307fc3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/" }, { "name": "FEDORA-2021-013ab302be", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211118-0004/" }, { "url": "https://www.drupal.org/sa-core-2022-001" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://www.tenable.com/security/tns-2022-09" }, { "name": "FEDORA-2022-9d655503ea", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/" }, { "name": "FEDORA-2022-bf18450366", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "source": { "advisory": "GHSA-gpqq-952q-5327", "discovery": "UNKNOWN" }, "title": "XSS in the `of` option of the `.position()` util" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-41184", "datePublished": "2021-10-26T00:00:00", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2024-08-04T03:08:31.291Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-25896
Vulnerability from cvelistv5
Published
2022-07-01 20:06
Modified
2024-09-16 17:54
Severity ?
EPSS score ?
Summary
This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed.
References
▼ | URL | Tags |
---|---|---|
https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631 | x_refsource_MISC | |
https://github.com/jaredhanson/passport/pull/900 | x_refsource_MISC | |
https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:49:44.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jaredhanson/passport/pull/900" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "passport", "vendor": "n/a", "versions": [ { "lessThan": "0.6.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "jaredhanson" } ], "datePublic": "2022-07-01T00:00:00", "descriptions": [ { "lang": "en", "value": "This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Session Fixation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-01T20:06:04", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jaredhanson/passport/pull/900" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608" } ], "title": "Session Fixation", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2022-07-01T20:00:14.872984Z", "ID": "CVE-2022-25896", "STATE": "PUBLIC", "TITLE": "Session Fixation" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "passport", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "0.6.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "jaredhanson" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "This affects the package passport before 0.6.0. When a user logs in or logs out, the session is regenerated instead of being closed." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Session Fixation" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JS-PASSPORT-2840631" }, { "name": "https://github.com/jaredhanson/passport/pull/900", "refsource": "MISC", "url": "https://github.com/jaredhanson/passport/pull/900" }, { "name": "https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608", "refsource": "MISC", "url": "https://github.com/jaredhanson/passport/commit/7e9b9cf4d7be02428e963fc729496a45baeea608" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2022-25896", "datePublished": "2022-07-01T20:06:04.981270Z", "dateReserved": "2022-02-24T00:00:00", "dateUpdated": "2024-09-16T17:54:16.737Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-41182
Vulnerability from cvelistv5
Published
2021-10-26 00:00
Modified
2024-08-04 02:59
Severity ?
EPSS score ?
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T02:59:31.655Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63" }, { "tags": [ "x_transferred" ], "url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/" }, { "name": "FEDORA-2021-51c256bf87", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/" }, { "name": "FEDORA-2021-ab38307fc3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/" }, { "name": "FEDORA-2021-013ab302be", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/" }, { "name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-core-2022-002" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211118-0004/" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-contrib-2022-004" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-09" }, { "name": "FEDORA-2022-9d655503ea", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/" }, { "name": "FEDORA-2022-bf18450366", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "jquery-ui", "vendor": "jquery", "versions": [ { "status": "affected", "version": "\u003c 1.13.0" } ] } ], "descriptions": [ { "lang": "en", "value": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc" }, { "url": "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63" }, { "url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/" }, { "name": "FEDORA-2021-51c256bf87", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/" }, { "name": "FEDORA-2021-ab38307fc3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/" }, { "name": "FEDORA-2021-013ab302be", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/" }, { "name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html" }, { "url": "https://www.drupal.org/sa-core-2022-002" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211118-0004/" }, { "url": "https://www.drupal.org/sa-contrib-2022-004" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://www.tenable.com/security/tns-2022-09" }, { "name": "FEDORA-2022-9d655503ea", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/" }, { "name": "FEDORA-2022-bf18450366", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "source": { "advisory": "GHSA-9gj3-hwp5-pmwc", "discovery": "UNKNOWN" }, "title": "XSS in the `altField` option of the Datepicker widget" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-41182", "datePublished": "2021-10-26T00:00:00", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2024-08-04T02:59:31.655Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-33987
Vulnerability from cvelistv5
Published
2022-06-18 20:51
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.
References
▼ | URL | Tags |
---|---|---|
https://github.com/sindresorhus/got/pull/2047 | x_refsource_MISC | |
https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0 | x_refsource_MISC | |
https://github.com/sindresorhus/got/releases/tag/v11.8.5 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T08:16:16.308Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/got/pull/2047" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-06-22T13:05:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/got/pull/2047" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-33987", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/sindresorhus/got/pull/2047", "refsource": "MISC", "url": "https://github.com/sindresorhus/got/pull/2047" }, { "name": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0", "refsource": "MISC", "url": "https://github.com/sindresorhus/got/compare/v12.0.3...v12.1.0" }, { "name": "https://github.com/sindresorhus/got/releases/tag/v11.8.5", "refsource": "MISC", "url": "https://github.com/sindresorhus/got/releases/tag/v11.8.5" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-33987", "datePublished": "2022-06-18T20:51:12", "dateReserved": "2022-06-18T00:00:00", "dateUpdated": "2024-08-03T08:16:16.308Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-32014
Vulnerability from cvelistv5
Published
2021-07-19 13:20
Modified
2024-08-03 23:17
Severity ?
EPSS score ?
Summary
SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.
References
▼ | URL | Tags |
---|---|---|
https://sheetjs.com/pro | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/ | x_refsource_MISC | |
https://www.npmjs.com/package/xlsx/v/0.17.0 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:17:27.969Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sheetjs.com/pro" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-07T14:42:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://sheetjs.com/pro" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-32014", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://sheetjs.com/pro", "refsource": "MISC", "url": "https://sheetjs.com/pro" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/", "refsource": "MISC", "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "name": "https://www.npmjs.com/package/xlsx/v/0.17.0", "refsource": "MISC", "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-32014", "datePublished": "2021-07-19T13:20:12", "dateReserved": "2021-05-03T00:00:00", "dateUpdated": "2024-08-03T23:17:27.969Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-38655
Vulnerability from cvelistv5
Published
2022-12-20 04:51
Modified
2024-08-03 11:02
Severity ?
EPSS score ?
Summary
BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | HCL Software | BigFix WebUI |
Version: 20 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T11:02:14.043Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102140" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "BigFix WebUI", "vendor": "HCL Software", "versions": [ { "status": "affected", "version": "20" } ] } ], "datePublic": "2022-12-20T04:23:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site. \u003c/span\u003e\u003cbr\u003e" } ], "value": "BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site. \n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-21T01:21:43.830108Z", "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL" }, "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102140" } ], "source": { "discovery": "UNKNOWN" }, "title": "HCL BigFix WebUI is affected by a missing-permission-check vulnerability", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "assignerShortName": "HCL", "cveId": "CVE-2022-38655", "datePublished": "2022-12-20T04:51:01.413Z", "dateReserved": "2022-08-22T16:31:27.394Z", "dateUpdated": "2024-08-03T11:02:14.043Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-39299
Vulnerability from cvelistv5
Published
2022-10-12 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | node-saml | passport-saml |
Version: < 3.2.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:00:44.015Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/node-saml/passport-saml/security/advisories/GHSA-m974-647v-whv7" }, { "tags": [ "x_transferred" ], "url": "https://github.com/node-saml/passport-saml/commit/8b7e3f5a91c8e5ac7e890a0c90bc7491ce33155e" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/169826/Node-saml-Root-Element-Signature-Bypass.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "passport-saml", "vendor": "node-saml", "versions": [ { "status": "affected", "version": "\u003c 3.2.2" } ] } ], "descriptions": [ { "lang": "en", "value": "Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication on a website using passport-saml. A successful attack requires that the attacker is in possession of an arbitrary IDP signed XML element. Depending on the IDP used, fully unauthenticated attacks (e.g without access to a valid user) might also be feasible if generation of a signed message can be triggered. Users should upgrade to passport-saml version 3.2.2 or newer. The issue was also present in the beta releases of `node-saml` before version 4.0.0-beta.5. If you cannot upgrade, disabling SAML authentication may be done as a workaround." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-347", "description": "CWE-347: Improper Verification of Cryptographic Signature", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-14T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/node-saml/passport-saml/security/advisories/GHSA-m974-647v-whv7" }, { "url": "https://github.com/node-saml/passport-saml/commit/8b7e3f5a91c8e5ac7e890a0c90bc7491ce33155e" }, { "url": "http://packetstormsecurity.com/files/169826/Node-saml-Root-Element-Signature-Bypass.html" } ], "source": { "advisory": "GHSA-m974-647v-whv7", "discovery": "UNKNOWN" }, "title": "Signature bypass via multiple root elements in Passport-SAML" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-39299", "datePublished": "2022-10-12T00:00:00", "dateReserved": "2022-09-02T00:00:00", "dateUpdated": "2024-08-03T12:00:44.015Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-25887
Vulnerability from cvelistv5
Published
2022-08-30 05:00
Modified
2024-09-17 03:07
Severity ?
EPSS score ?
Summary
The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal.
References
▼ | URL | Tags |
---|---|---|
https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526 | x_refsource_MISC | |
https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102 | x_refsource_MISC | |
https://github.com/apostrophecms/sanitize-html/pull/557 | x_refsource_MISC | |
https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | sanitize-html |
Version: unspecified < 2.7.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:49:44.330Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/apostrophecms/sanitize-html/pull/557" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "sanitize-html", "vendor": "n/a", "versions": [ { "lessThan": "2.7.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Nariyoshi Chida of NTT Security Japan" } ], "datePublic": "2022-08-30T00:00:00", "descriptions": [ { "lang": "en", "value": "The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-08-30T05:00:20", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526" }, { "tags": [ "x_refsource_MISC" ], "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/apostrophecms/sanitize-html/pull/557" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c" } ], "title": "Regular Expression Denial of Service (ReDoS)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2022-08-30T05:00:02.403842Z", "ID": "CVE-2022-25887", "STATE": "PUBLIC", "TITLE": "Regular Expression Denial of Service (ReDoS)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "sanitize-html", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "2.7.1" } ] } } ] }, "vendor_name": "n/a" } ] } }, "credit": [ { "lang": "eng", "value": "Nariyoshi Chida of NTT Security Japan" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The package sanitize-html before 2.7.1 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure global regular expression replacement logic of HTML comment removal." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Regular Expression Denial of Service (ReDoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526", "refsource": "MISC", "url": "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-2957526" }, { "name": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102", "refsource": "MISC", "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3008102" }, { "name": "https://github.com/apostrophecms/sanitize-html/pull/557", "refsource": "MISC", "url": "https://github.com/apostrophecms/sanitize-html/pull/557" }, { "name": "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c", "refsource": "MISC", "url": "https://github.com/apostrophecms/sanitize-html/commit/b4682c12fd30e12e82fa2d9b766de91d7d2cd23c" } ] } } } }, "cveMetadata": { "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2022-25887", "datePublished": "2022-08-30T05:00:20.149607Z", "dateReserved": "2022-02-24T00:00:00", "dateUpdated": "2024-09-17T03:07:00.082Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-32013
Vulnerability from cvelistv5
Published
2021-07-19 13:20
Modified
2024-08-03 23:17
Severity ?
EPSS score ?
Summary
SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 2 of 2).
References
▼ | URL | Tags |
---|---|---|
https://sheetjs.com/pro | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujan2022.html | x_refsource_MISC | |
https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/ | x_refsource_MISC | |
https://www.npmjs.com/package/xlsx/v/0.17.0 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:17:27.913Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sheetjs.com/pro" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 2 of 2)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-07T14:42:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://sheetjs.com/pro" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-32013", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (memory consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js (issue 2 of 2)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://sheetjs.com/pro", "refsource": "MISC", "url": "https://sheetjs.com/pro" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/", "refsource": "MISC", "url": "https://floqast.com/engineering-blog/post/fuzzing-and-parsing-securely/" }, { "name": "https://www.npmjs.com/package/xlsx/v/0.17.0", "refsource": "MISC", "url": "https://www.npmjs.com/package/xlsx/v/0.17.0" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-32013", "datePublished": "2021-07-19T13:20:07", "dateReserved": "2021-05-03T00:00:00", "dateUpdated": "2024-08-03T23:17:27.913Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-44756
Vulnerability from cvelistv5
Published
2022-12-19 21:17
Modified
2024-08-03 14:01
Severity ?
EPSS score ?
Summary
Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | HCL Software | BigFix Insights for Vulnerability Remediation |
Version: <= v2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:01:31.321Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102168" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "BigFix Insights for Vulnerability Remediation", "vendor": "HCL Software", "versions": [ { "status": "affected", "version": "\u003c= v2.0" } ] } ], "datePublic": "2022-12-19T20:31:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsights for Vulnerability Remediation (IVR) is vulnerable to\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eimproper input validation. This may lead to information disclosure. This requires privileged access.\u202f\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e" } ], "value": "Insights for Vulnerability Remediation (IVR) is vulnerable to\u00a0improper input validation. This may lead to information disclosure. This requires privileged access.\u202f\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-21T01:21:43.830108Z", "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL" }, "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102168" } ], "source": { "discovery": "UNKNOWN" }, "title": "HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "assignerShortName": "HCL", "cveId": "CVE-2022-44756", "datePublished": "2022-12-19T21:17:57.664Z", "dateReserved": "2022-11-04T21:08:23.515Z", "dateUpdated": "2024-08-03T14:01:31.321Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-41183
Vulnerability from cvelistv5
Published
2021-10-26 00:00
Modified
2024-08-04 03:08
Severity ?
EPSS score ?
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T03:08:31.304Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jquery/jquery-ui/pull/1953" }, { "tags": [ "x_transferred" ], "url": "https://bugs.jqueryui.com/ticket/15284" }, { "name": "FEDORA-2021-51c256bf87", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/" }, { "name": "FEDORA-2021-ab38307fc3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/" }, { "name": "FEDORA-2021-013ab302be", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/" }, { "name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-core-2022-002" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20211118-0004/" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-contrib-2022-004" }, { "tags": [ "x_transferred" ], "url": "https://www.drupal.org/sa-core-2022-001" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "tags": [ "x_transferred" ], "url": "https://www.tenable.com/security/tns-2022-09" }, { "name": "FEDORA-2022-9d655503ea", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/" }, { "name": "FEDORA-2022-bf18450366", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "jquery-ui", "vendor": "jquery", "versions": [ { "status": "affected", "version": "\u003c 1.13.0" } ] } ], "descriptions": [ { "lang": "en", "value": "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-11-03T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/" }, { "url": "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4" }, { "url": "https://github.com/jquery/jquery-ui/pull/1953" }, { "url": "https://bugs.jqueryui.com/ticket/15284" }, { "name": "FEDORA-2021-51c256bf87", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/" }, { "name": "FEDORA-2021-ab38307fc3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/" }, { "name": "FEDORA-2021-013ab302be", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/" }, { "name": "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html" }, { "url": "https://www.drupal.org/sa-core-2022-002" }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "url": "https://security.netapp.com/advisory/ntap-20211118-0004/" }, { "url": "https://www.drupal.org/sa-contrib-2022-004" }, { "url": "https://www.drupal.org/sa-core-2022-001" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "url": "https://www.tenable.com/security/tns-2022-09" }, { "name": "FEDORA-2022-9d655503ea", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/" }, { "name": "FEDORA-2022-bf18450366", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/" }, { "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html" } ], "source": { "advisory": "GHSA-j7qv-pgf6-hvh4", "discovery": "UNKNOWN" }, "title": "XSS in `*Text` options of the Datepicker widget" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-41183", "datePublished": "2021-10-26T00:00:00", "dateReserved": "2021-09-15T00:00:00", "dateUpdated": "2024-08-04T03:08:31.304Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-42454
Vulnerability from cvelistv5
Published
2022-12-19 21:10
Modified
2024-08-03 13:10
Severity ?
EPSS score ?
Summary
Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | HCL Software | BigFix Insights for Vulnerability Remediation |
Version: <= v2.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:10:40.999Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102168" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "BigFix Insights for Vulnerability Remediation", "vendor": "HCL Software", "versions": [ { "status": "affected", "version": "\u003c= v2.0" } ] } ], "datePublic": "2022-12-19T20:31:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInsights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure.\u202f This requires privileged network access.\u003c/span\u003e\u003cbr\u003e" } ], "value": "Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure.\u202f This requires privileged network access.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-21T01:21:43.830108Z", "orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL" }, "references": [ { "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0102168" } ], "source": { "discovery": "UNKNOWN" }, "title": "HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper certificate validation", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "assignerShortName": "HCL", "cveId": "CVE-2022-42454", "datePublished": "2022-12-19T21:10:13.991Z", "dateReserved": "2022-10-06T16:01:51.742Z", "dateUpdated": "2024-08-03T13:10:40.999Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.