Vulnerability Detection Pipeline

Upcoming and New QIDs

Browse, filter by detection status, or search by CVE to get visibility into upcoming and new detections (QIDs) for all severities.

Detection Status

  • Under investigation: We are researching a detection and will publish one if it is feasible.
  • In development: We are coding a detection and will typically publish it within a few days.
  • Recently published: We have published the detection on the date indicated, and it will typically be available in the KnowledgeBase on shared platforms within a day.

Non-Qualys customers can audit their network for all published vulnerabilities by signing up for a Qualys Free Trial or Qualys Community Edition.

2396 results
CVE
Title
Severity
  • CVE-2021-43527
    Recently Published

    Oracle Managed Virtualization (VM) Server for x86 Security Update for nss (OVMSA-2021-0040)

    Severity
    Urgent (5)
    Qualys ID
    390251
    Date Published
    December 8, 2021
    Vendor Reference
    OVMSA-2021-0040
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Oracle VM Server for x86 has released a security update for nss to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Oracle VM Server security advisory OVMSA-2021-0040 for updates and patch information.
    Patches
    Oracle VM Server OVMSA-2021-0040
  • CVE-2021-43527
    Recently Published

    Debian Security Update for nss (DLA 2836-2)

    Severity
    Urgent (5)
    Qualys ID
    178931
    Date Published
    December 8, 2021
    Vendor Reference
    DLA 2836-2
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Debian has released a security update for nss to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2836-2 for updates and patch information.
    Patches
    Debian DLA 2836-2
  • CVE-2021-40490+
    Recently Published

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3969-1)

    Severity
    Critical (4)
    Qualys ID
    751473
    Date Published
    December 8, 2021
    Vendor Reference
    SUSE-SU-2021:3969-1
    CVE Reference
    CVE-2021-40490, CVE-2021-3732, CVE-2021-20322, CVE-2021-0941, CVE-2019-3874, CVE-2021-22543, CVE-2021-41864, CVE-2021-3744, CVE-2021-3764, CVE-2021-34556, CVE-2021-38160, CVE-2021-3752, CVE-2019-3900, CVE-2021-38198, CVE-2021-42252, CVE-2021-37159, CVE-2021-42008, CVE-2021-33033, CVE-2021-31916, CVE-2021-38204, CVE-2020-3702, CVE-2021-3772, CVE-2021-3656, CVE-2021-20320, CVE-2021-34981, CVE-2021-3760, CVE-2021-3659, CVE-2021-35477, CVE-2018-3639, CVE-2021-3640, CVE-2018-9517, CVE-2021-3653, CVE-2021-3753, CVE-2020-12770, CVE-2021-3655, CVE-2021-3679, CVE-2021-37576
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    SUSE has released a security update for kernel to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3969-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3969-1
  • CVE-2021-37713+
    Recently Published

    OpenSUSE Security Update for nodejs14 (openSUSE-SU-2021:3964-1)

    Severity
    Critical (4)
    Qualys ID
    751475
    Date Published
    December 8, 2021
    Vendor Reference
    openSUSE-SU-2021:3964-1
    CVE Reference
    CVE-2021-37713, CVE-2021-39135, CVE-2021-37712, CVE-2021-39134, CVE-2021-22959, CVE-2021-22960, CVE-2021-37701
    CVSS Scores
    Base 8.6 / Temporal 7.5
    Description
    OpenSUSE has released a security update for nodejs14 to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system, or to disclose information. Denial of service can also occur in some cases.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3964-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3964-1
  • CVE-2021-43798
    Recently Published

    Grafana Path Traversal Vulnerability

    Severity
    Critical (4)
    Qualys ID
    730294
    Date Published
    December 8, 2021
    Vendor Reference
    Grafana Security Advisory
    CVE Reference
    CVE-2021-43798
    CVSS Scores
    Base 7.5 / Temporal 6.7
    Description

    Grafana is a multi-platform open source analytics and interactive visualization web application. It provides charts, graphs, and alerts for the web when connected to supported data sources.

    Grafana is vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: grafana_host_url/public/plugins/"plugin-id" where "plugin-id" is the plugin ID for any installed plugin.

    Affected Versions:
    Grafana versions from v8.0.0-beta1 through v8.3.0

    QID Detection Logic (Unauthenticated):
    This QID checks for a vulnerable installation of Grafana Enterprise by sending a path traversal payload to the Grafana server and attempting to read the /etc/passwd file on Linux systems and the system.ini and /etc/hosts files on Windows systems.

    Consequence
    Successful exploitation of the vulnerability may allow attackers to view sensitive files on the remote server including the grafana database file or the passwd file on Linux systems.

    Solution
    Customers are advised to update to Grafana version 8.3.1, 8.2.7, 8.1.8, 8.0.7 or later. For more information please refer to the Grafana Security Advisory.

    Workaround:
    If you cannot upgrade, running a reverse proxy in front of Grafana that normalizes the PATH of the request will mitigate the vulnerability. For example, the normalize_path setting in Envoy.

    Patches
    NA
  • CVE-2021-43798
    Under Investigation

    Grafana Path Traversal Vulnerability (CVE-2021-43798)

    Severity
    Critical (4)
    Qualys ID
    150439
    Vendor Reference
    Grafana Security Advisory
    CVE Reference
    CVE-2021-43798
    CVSS Scores
    Base 7.5 / Temporal 6.7
    Description

    Grafana is a multi-platform open source analytics and interactive visualization web application. It provides charts, graphs, and alerts for the web when connected to supported data sources.

    Affected versions of Grafana are vulnerable to a path traversal attack, allowing remote attackers to read arbitrary files from the vulnerable server.

    Affected Versions:
    Grafana versions from v8.0.0-beta1 through v8.3.0

    QID Detection Logic (Unauthenticated):
    This QID sends an HTTP GET request with a path traversal payload to access the server files /etc/passwd and grafana.ini and, based on the response, confirms whether the Grafana server is vulnerable.

    Consequence
    Successful exploitation of the vulnerability may allow remote attackers to read sensitive files on the target server.

    Solution
    Customers are advised to upgrade to Grafana version 8.3.1, 8.2.7, 8.1.8, 8.0.7 or later to remediate this vulnerability. For more information please refer to the Grafana Blog.
    Patches
    GHSA-8pjx-jj86-j47p
  • CVE-2021-3732
    Recently Published

    Oracle Managed Virtualization (VM) Server for x86 Security Update for kernel (OVMSA-2021-0039)

    Severity
    Critical (4)
    Qualys ID
    390252
    Date Published
    December 8, 2021
    Vendor Reference
    OVMSA-2021-0039
    CVE Reference
    CVE-2021-3732
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Oracle VM Server for x86 has released a security update for kernel to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Oracle VM Server security advisory OVMSA-2021-0039 for updates and patch information.
    Patches
    Oracle VM Server OVMSA-2021-0039
  • CVE-2012-4701
    In Development

    Tridium NiagaraAX Directory Traversal Vulnerability (ICSA-13-045-01)

    Severity
    Urgent (5)
    Qualys ID
    590616
    Vendor Reference
    ICSA-13-045-01
    CVE Reference
    CVE-2012-4701
    CVSS Scores
    Base / Temporal
    Description

    Affected products:
    Tridium NiagaraAX, all versions.

    QID Detection Logic (Authenticated)
    This QID checks for the vulnerable version using Windows registry keys.

    Consequence
    A loss of integrity, data, and possibly physical damage can result if the software is being used to control a physical process. Another consequence might be the compromise of facility security where NiagaraAX is used for facility access control and administration. Impact to individual organizations depends on many factors that are unique to each organization.
    Solution

    Customers are advised to refer to the MITIGATIONS section of CERT advisory ICSA-13-045-01 for affected packages and patching details.

    Patches
    ICSA-13-045-01
  • CVE-2018-10685+
    Recently Published

    Ubuntu Security Notification for Long Range ZIP Vulnerabilities (USN-5171-1)

    Severity
    Urgent (5)
    Qualys ID
    198595
    Date Published
    December 8, 2021
    Vendor Reference
    USN-5171-1
    CVE Reference
    CVE-2018-10685, CVE-2017-8844, CVE-2018-5650, CVE-2018-5786, CVE-2017-9928, CVE-2018-5747, CVE-2017-9929, CVE-2018-11496, CVE-2017-8846
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Long Range ZIP incorrectly handled certain specially crafted lrz files.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    A remote attacker could possibly use this issue to cause a denial of service (crash) or other unspecified impact.
    Solution
    Refer to Ubuntu security advisory USN-5171-1 for updates and patch information.
    Patches
    Ubuntu Linux USN-5171-1
  • CVE-2018-19200+
    Recently Published

    Ubuntu Security Notification for uriparser Vulnerabilities (USN-5172-1)

    Severity
    Urgent (5)
    Qualys ID
    198594
    Date Published
    December 8, 2021
    Vendor Reference
    USN-5172-1
    CVE Reference
    CVE-2018-19200, CVE-2018-19199, CVE-2018-20721, CVE-2018-19198
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    uriparser mishandled certain input.
    uriparser incorrectly handled certain URIs.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    An attacker could use this vulnerability to cause uriparser to crash or possibly execute arbitrary code. (CVE-2018-19198, CVE-2018-19199, CVE-2018-19200)
    An attacker could use this vulnerability to cause a crash or possibly leak sensitive information. (CVE-2018-20721)
    Solution
    Refer to Ubuntu security advisory USN-5172-1 for updates and patch information.
    Patches
    Ubuntu Linux USN-5172-1
  • Recently Published

    Ecava IntegraXor DLL Hijacking (Update B) Vulnerability (ICSA-11-147-01B)

    Severity
    Urgent (5)
    Qualys ID
    590613
    Date Published
    December 8, 2021
    Vendor Reference
    ICSA-11-147-01B
    CVSS Scores
    Base 9.4 / Temporal 8.2
    Description

    Affected products:
    This vulnerability affects all IntegraXor versions prior to Version 3.60 (Build 4090).

    QID Detection Logic (Authenticated)
    This QID checks for the vulnerable version using Windows registry keys.

    Consequence
    A successful exploit of this vulnerability leads to arbitrary code execution.
    Solution

    Customers are advised to refer to the MITIGATIONS section of CERT advisory ICSA-11-147-01B for affected packages and patching details.

    Patches
    ICSA-11-147-01B
  • CVE-2019-14463+
    In Development

    Ubuntu Security Notification for libmodbus Vulnerabilities (USN-5173-1)

    Severity
    Urgent (5)
    Qualys ID
    198593
    Vendor Reference
    USN-5173-1
    CVE Reference
    CVE-2019-14463, CVE-2019-14462
    CVSS Scores
    Base 9.1 / Temporal 7.9
    Description
    libmodbus incorrectly handled inputs.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
    Solution
    Refer to Ubuntu security advisory USN-5173-1 for updates and patch information.
    Patches
    Ubuntu Linux USN-5173-1
  • CVE-2018-10105+
    In Development

    F5 BIG-IP Local Traffic Manager (LTM), Application Security Manager (ASM), Access Policy Manager (APM) Multiple tcpdump Vulnerabilities (K44551633)

    Severity
    Critical (4)
    Qualys ID
    376142
    Vendor Reference
    K44551633
    CVE Reference
    CVE-2018-10105, CVE-2018-14881, CVE-2018-16452, CVE-2018-16229, CVE-2018-14882, CVE-2018-16228, CVE-2018-10103, CVE-2018-16227, CVE-2018-16300, CVE-2019-15166, CVE-2018-16230, CVE-2018-16451
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)

    tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)

    The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)

    lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. (CVE-2019-15166)

    The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)

    The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)

    The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)

    The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). (CVE-2018-16229)

    The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). (CVE-2018-16228)

    The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (CVE-2018-16227)

    The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN. (CVE-2018-16451)

    The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. (CVE-2018-16452)

    Vulnerable Component: BIG-IP ASM, LTM, APM

    Affected Versions:
    15.0.0 - 15.1.2
    14.0.0 - 14.1.3
    13.1.0 - 13.1.4
    12.1.0 - 12.1.6
    11.5.2 - 11.6.5

    QID Detection Logic (Authenticated):
    This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

    Consequence
    These vulnerabilities can result in denial of service (DoS) or, potentially, execution of arbitrary code.

    Solution
    The vendor has released a patch; for more information please visit K44551633.
    Patches
    K44551633
  • CVE-2021-37207
    Recently Published

    Siemens SENTRON powermanager Incorrect Permission Assignment for Critical Resource Vulnerability (ICSA-21-315-10)

    Severity
    Critical (4)
    Qualys ID
    590612
    Date Published
    December 8, 2021
    Vendor Reference
    ICSA-21-315-10
    CVE Reference
    CVE-2021-37207
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description

    AFFECTED PRODUCTS
    The following versions of Siemens SENTRON powermanager, a power monitoring software to analyze energy consumption, are affected:
    SENTRON powermanager Version 3: All versions

    QID Detection Logic (Authenticated):
    This QID checks for the vulnerable version of Siemens SENTRON powermanager using the registry key "HKLM\SOFTWARE\Siemens". Note: Because we are unable to check for the patch mentioned, this is a Potential check.

    Consequence
    Successful exploitation of this vulnerability could allow an authenticated local attacker to inject arbitrary code and escalate privileges.
    Solution

    Customers are advised to refer to the MITIGATIONS section of CERT advisory ICSA-21-315-10 for affected packages and patching details.

    Patches
    ICSA-21-315-10
  • CVE-2021-21980+
    Recently Published

    VMware vCenter Server 6.5 Update 6.5 U3R (VMSA-2021-0027)

    Severity
    Urgent (5)
    Qualys ID
    216271
    Date Published
    December 7, 2021
    Vendor Reference
    VMSA-2021-0027
    CVE Reference
    CVE-2021-21980, CVE-2021-22049
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    VMware vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.

    CVE-2021-21980: The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.
    CVE-2021-22049: The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.

    Affected Versions:
    VMware vCenter Server 6.5 prior to build 18711281

    QID Detection Logic (Unauthenticated):
    This QID checks for vulnerable versions of VMware vCenter Server by retrieving the build version from the web service present on the target.

    Consequence
    A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service to gain access to sensitive information.
    Solution
    VMware has released a patch for VMware vCenter Server 6.5; see the VMware vCenter Server 6.5 Update 3R Release Notes.

    Refer to VMware advisory VMSA-2021-0027 for more information.

    Patches
    VMware vCenter Server 6.5 U3R
  • CVE-2021-21980+
    Recently Published

    VMware vCenter Server 6.7 Update 6.7 U3P (VMSA-2021-0027)

    Severity
    Urgent (5)
    Qualys ID
    216270
    Date Published
    December 7, 2021
    Vendor Reference
    VMSA-2021-0027
    CVE Reference
    CVE-2021-21980, CVE-2021-22049
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    VMware vCenter Server is a server management solution that helps IT admins manage virtualized hosts and virtual machines in enterprise environments via a single console.

    CVE-2021-21980: The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.
    CVE-2021-22049: The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.

    Affected Versions:
    VMware vCenter Server 6.7 prior to build 18831049

    QID Detection Logic (Unauthenticated):
    This QID checks for vulnerable versions of VMware vCenter Server by retrieving the build version from the web service present on the target.

    Consequence
    A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service to gain access to sensitive information.
    Solution
    VMware has released a patch for VMware vCenter Server 6.7; see the VMware vCenter Server 6.7 Update 3P Release Notes.

    Refer to VMware advisory VMSA-2021-0027 for more information.

    Patches
    VMware vCenter Server 6.7 U3P
  • CVE-2021-44025+
    Recently Published

    Debian Security Update for roundcube (DLA 2840-1)

    Severity
    Urgent (5)
    Qualys ID
    178930
    Date Published
    December 7, 2021
    Vendor Reference
    DLA 2840-1
    CVE Reference
    CVE-2021-44025, CVE-2021-44026
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Debian has released a security update for roundcube to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2840-1 for updates and patch information.
    Patches
    Debian DLA 2840-1
  • CVE-2021-43527
    Recently Published

    Red Hat Update for nss (RHSA-2021:4953)

    Severity
    Urgent (5)
    Qualys ID
    239931
    Date Published
    December 7, 2021
    Vendor Reference
    RHSA-2021:4953
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

    Security Fix(es):
    • nss: Memory corruption in DecodeECorDSASignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)

    Affected Products:

    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
    • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.1 s390x
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.1 ppc64le
    • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.1 aarch64
    • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
    • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4953 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4953
  • CVE-2021-43527
    Recently Published

    Red Hat Update for thunderbird (RHSA-2021:4954)

    Severity
    Urgent (5)
    Qualys ID
    239930
    Date Published
    December 7, 2021
    Vendor Reference
    RHSA-2021:4954
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    Mozilla Thunderbird is a standalone mail and newsgroup client.

    Security Fix(es):
    • nss: Memory corruption in DecodeECorDSASignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)

    Affected Products:

    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4954 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4954
  • CVE-2021-3653+
    Recently Published

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3935-1)

    Severity
    Critical (4)
    Qualys ID
    751451
    Date Published
    December 7, 2021
    Vendor Reference
    SUSE-SU-2021:3935-1
    CVE Reference
    CVE-2021-3653, CVE-2021-40490, CVE-2021-42008, CVE-2021-37159, CVE-2021-38198, CVE-2021-34981, CVE-2020-14305, CVE-2021-3732, CVE-2020-4788, CVE-2021-38160, CVE-2018-13405, CVE-2021-3679, CVE-2021-3772, CVE-2021-20265, CVE-2021-3752, CVE-2021-35477, CVE-2021-33033, CVE-2018-16882, CVE-2020-12655, CVE-2020-3702, CVE-2020-0429, CVE-2021-3542, CVE-2021-3760, CVE-2021-38204, CVE-2021-42739, CVE-2021-34556, CVE-2017-17864, CVE-2021-3896, CVE-2021-43389, CVE-2021-31916, CVE-2021-37576, CVE-2017-17862, CVE-2021-3659, CVE-2021-3715, CVE-2021-20322, CVE-2021-3753, CVE-2021-3640, CVE-2021-3655
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    SUSE has released a security update for kernel to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 12 SP3
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3935-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3935-1
  • CVE-2021-22960+
    Recently Published

    OpenSUSE Security Update for nodejs12 (openSUSE-SU-2021:3940-1)

    Severity
    Critical (4)
    Qualys ID
    751457
    Date Published
    December 7, 2021
    Vendor Reference
    openSUSE-SU-2021:3940-1
    CVE Reference
    CVE-2021-22960, CVE-2021-37701, CVE-2021-37712, CVE-2021-39134, CVE-2021-22959, CVE-2021-39135, CVE-2021-37713
    CVSS Scores
    Base 8.6 / Temporal 7.5
    Description
    OpenSUSE has released a security update for nodejs12 to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system, or to disclose information. Denial of service can also occur in some cases.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3940-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3940-1
  • CVE-2021-42771
    Recently Published

    OpenSUSE Security Update for python-Babel (openSUSE-SU-2021:3945-1)

    Severity
    Critical (4)
    Qualys ID
    751471
    Date Published
    December 7, 2021
    Vendor Reference
    openSUSE-SU-2021:3945-1
    CVE Reference
    CVE-2021-42771
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    OpenSUSE has released a security update for python-Babel to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3945-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3945-1
  • CVE-2021-31810+
    Recently Published

    OpenSUSE Security Update for ruby2.5 (openSUSE-SU-2021:1535-1)

    Severity
    Critical (4)
    Qualys ID
    751459
    Date Published
    December 7, 2021
    Vendor Reference
    openSUSE-SU-2021:1535-1
    CVE Reference
    CVE-2021-31810, CVE-2021-32066, CVE-2021-31799
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    OpenSUSE has released a security update for ruby2.5 to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.2

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system, or to disclose information. Denial of service can also occur in some cases.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:1535-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:1535-1
  • CVE-2021-41617
    Recently Published

    OpenSUSE Security Update for openssh (openSUSE-SU-2021:3950-1)

    Severity
    Critical (4)
    Qualys ID
    751465
    Date Published
    December 7, 2021
    Vendor Reference
    openSUSE-SU-2021:3950-1
    CVE Reference
    CVE-2021-41617
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    OpenSUSE has released a security update for openssh to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3950-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3950-1
  • CVE-2021-41617
    Recently Published

    SUSE Enterprise Linux Security Update for openssh (SUSE-SU-2021:3947-1)

    Severity
    Critical (4)
    Qualys ID
    751452
    Date Published
    December 7, 2021
    Vendor Reference
    SUSE-SU-2021:3947-1
    CVE Reference
    CVE-2021-41617
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    SUSE has released a security update for openssh to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15 SP1
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3947-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3947-1
  • CVE-2021-41617
    Recently Published

    SUSE Enterprise Linux Security Update for openssh (SUSE-SU-2021:3951-1)

    Severity
    Critical (4)
    Qualys ID
    751446
    Date Published
    December 7, 2021
    Vendor Reference
    SUSE-SU-2021:3951-1
    CVE Reference
    CVE-2021-41617
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    SUSE has released a security update for openssh to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 12 SP3
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3951-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3951-1
  • CVE-2021-0941+
    Recently Published

    OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3941-1)

    Severity
    Critical (4)
    Qualys ID
    751462
    Date Published
    December 7, 2021
    Vendor Reference
    openSUSE-SU-2021:3941-1
    CVE Reference
    CVE-2021-0941, CVE-2021-34981, CVE-2021-20322, CVE-2021-31916
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    OpenSUSE has released a security update for the Linux Kernel to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3941-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3941-1
  • CVE-2020-13645
    Recently Published

    OpenSUSE Security Update for glib-networking (openSUSE-SU-2021:3944-1)

    Severity
    Critical (4)
    Qualys ID
    751458
    Date Published
    December 7, 2021
    Vendor Reference
    openSUSE-SU-2021:3944-1
    CVE Reference
    CVE-2020-13645
    CVSS Scores
    Base 6.5 / Temporal 5.7
    Description
    OpenSUSE has released a security update for glib-networking to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system, or to disclose information. Denial of service can also occur in some cases.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3944-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3944-1
  • CVE-2021-43527
    Recently Published

    OpenSUSE Security Update for mozilla-nss (openSUSE-SU-2021:3934-1)

    Severity
    Critical4
    Qualys ID
    751464
    Date Published
    December 7, 2021
    Vendor Reference
    openSUSE-SU-2021:3934-1
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    OpenSUSE has released a security update for mozilla-nss to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system. Additionally, this vulnerability can be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3934-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3934-1
  • CVE-2021-43527
    Recently Published

    SUSE Enterprise Linux Security Update for mozilla-nss (SUSE-SU-2021:3939-1)

    Severity
    Critical4
    Qualys ID
    751453
    Date Published
    December 7, 2021
    Vendor Reference
    SUSE-SU-2021:3939-1
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    SUSE has released a security update for mozilla-nss to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server 12 SP5
    SUSE Linux Enterprise (Desktop|Server) 12 SP5
    SUSE Linux Enterprise Server for SAP Applications 12 SP4
    SUSE Linux Enterprise Server for SAP Applications 12 SP3
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3939-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3939-1
  • CVE-2021-43527
    Recently Published

    SUSE Enterprise Linux Security Update for mozilla-nss (SUSE-SU-2021:3934-1)

    Severity
    Critical4
    Qualys ID
    751449
    Date Published
    December 7, 2021
    Vendor Reference
    SUSE-SU-2021:3934-1
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    SUSE has released a security update for mozilla-nss to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15 SP1
    SUSE Linux Enterprise Server for SAP Applications 15
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3934-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3934-1
  • CVE-2021-4057+
    Recently Published

    Google Chrome Prior to 96.0.4664.93 Multiple Vulnerabilities

    Severity
    Critical4
    Qualys ID
    376140
    Date Published
    December 7, 2021
    Vendor Reference
    Google Chrome 96.0.4664.93
    CVE Reference
    CVE-2021-4057, CVE-2021-4063, CVE-2021-4054, CVE-2021-4055, CVE-2021-4066, CVE-2021-4067, CVE-2021-4056, CVE-2021-4053, CVE-2021-4058, CVE-2021-4064, CVE-2021-4065, CVE-2021-4068, CVE-2021-4062, CVE-2021-4052, CVE-2021-4061, CVE-2021-4059
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Chrome has released security updates for Windows, Mac, and Linux to fix the vulnerabilities.


    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Chrome security advisory 96.0.4664.93 for updates and patch information.
    Patches
    Google Chrome 96.0.4664.93
  • CVE-2021-20587+
    Recently Published

    Mitsubishi Electric FA Engineering Software Products (Update C) Multiple Vulnerabilities (ICSA-21-049-02)

    Severity
    Urgent5
    Qualys ID
    590609
    Date Published
    December 7, 2021
    Vendor Reference
    ICSA-21-049-02
    CVE Reference
    CVE-2021-20587, CVE-2021-20588
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description

    AFFECTED PRODUCTS
    Mitsubishi Electric reports these vulnerabilities affect the following FA Engineering Software Products that communicate with MELSEC, FREQROL, or GOT products:
    CPU Module Logging Configuration Tool, Versions 1.112R and prior
    CW Configurator, Versions 1.011M and prior
    Data Transfer, Versions 3.44W and prior
    FR Configurator2, versions 1.24A and prior
    GT Designer3 Version1 (GOT1000), Versions 1.250L and prior.

    QID Detection Logic (Authenticated)
    The QID checks for the vulnerable version using Windows registry keys.

    Consequence
    Successful exploitation of these vulnerabilities may cause a denial-of-service condition.
    Solution

    Customers are advised to refer to the MITIGATIONS section of CERT advisory ICSA-21-049-02 for affected packages and patching details.

    Patches
    ICSA-21-049-02
  • CVE-2020-16039+
    Recently Published

    Free Berkeley Software Distribution (FreeBSD) Security Update for chromium (01ffd06a-36ed-11eb-b655-3065ec8fd3ec)

    Severity
    Urgent5
    Qualys ID
    690728
    Date Published
    December 7, 2021
    Vendor Reference
    01ffd06a-36ed-11eb-b655-3065ec8fd3ec
    CVE Reference
    CVE-2020-16039, CVE-2020-16042, CVE-2020-16038, CVE-2020-16037, CVE-2020-16040, CVE-2020-16041
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    FreeBSD has released a security update for chromium to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to FreeBSD security advisory 01ffd06a-36ed-11eb-b655-3065ec8fd3ec for updates and patch information.
    Patches
    FreeBSD 01ffd06a-36ed-11eb-b655-3065ec8fd3ec
  • CVE-2021-3711
    In Development

    Open Secure Sockets Layer (OpenSSL) Security Update (OpenSSL Security Advisory 20210824)

    Severity
    Critical4
    Qualys ID
    38855
    Vendor Reference
    OpenSSL Security Advisory 20210824
    CVE Reference
    CVE-2021-3711
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    In order to decrypt SM2 encrypted data, an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter.

    Affected Versions:
    OpenSSL version 1.1.1k and below

    QID Detection Logic (Unauthenticated):
    This QID matches vulnerable versions based on the exposed banner information.

    Consequence
    Successful exploitation of the vulnerability enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc.
    Solution
    The vendor has released a patch; the issue is fixed in OpenSSL 1.1.1l. For more information, please visit the advisory.
    Patches
    20210824
  • CVE-2021-44143+
    Recently Published

    Fedora Security Update for isync (FEDORA-2021-577129851b)

    Severity
    Critical4
    Qualys ID
    282098
    Date Published
    December 6, 2021
    Vendor Reference
    FEDORA-2021-577129851b
    CVE Reference
    CVE-2021-44143, CVE-2021-3657
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Fedora has released a security update for isync to fix the vulnerabilities.

    Affected OS:
    Fedora 34


    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Refer to the Fedora 34 security advisory FEDORA-2021-577129851b for updates and patch information.
    Patches
    Fedora 34 FEDORA-2021-577129851b
  • CVE-2021-28707+
    Recently Published

    Debian Security Update for xen (DSA 5017-1)

    Severity
    Critical4
    Qualys ID
    178928
    Date Published
    December 6, 2021
    Vendor Reference
    DSA 5017-1
    CVE Reference
    CVE-2021-28707, CVE-2021-28705, CVE-2021-28706, CVE-2021-28709, CVE-2021-28708, CVE-2021-28704
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Debian has released a security update for xen to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DSA 5017-1 for updates and patch information.
    Patches
    Debian DSA 5017-1
  • CVE-2021-3544+
    In Development

    Oracle Enterprise Linux Security Update for qemu (ELSA-2021-9425)

    Severity
    Critical4
    Qualys ID
    159465
    Vendor Reference
    ELSA-2021-9425
    CVE Reference
    CVE-2021-3544, CVE-2021-3392, CVE-2021-3546, CVE-2021-3582, CVE-2021-3527, CVE-2021-3607, CVE-2021-3545, CVE-2021-3608
    CVSS Scores
    Base 8.2 / Temporal 7.1
    Description
    Oracle Enterprise Linux has released a security update for qemu to fix the vulnerabilities.
    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation allows an attacker to compromise the system.
    Solution
    To resolve this issue, upgrade to the latest packages, which contain a patch. Refer to the Oracle Enterprise Linux advisory below for updates and patch information:

    ELSA-2021-9425
    Patches
    Oracle Linux ELSA-2021-9425
  • CVE-2021-44077
    Recently Published

    Zoho ManageEngine SupportCenter Plus Remote Code Execution (RCE) Vulnerability

    Severity
    Critical4
    Qualys ID
    730291
    Date Published
    December 8, 2021
    Vendor Reference
    SupportCenter Plus
    CVE Reference
    CVE-2021-44077
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    SupportCenter Plus is web-based customer support software that lets organizations effectively manage customer tickets, account and contact information, and service contracts, and in the process provide a superior customer experience.

    ManageEngine SupportCenter Plus is prone to unauthenticated remote code execution (RCE).

    Affected Version:
    Zoho ManageEngine SupportCenter Plus 11012 and 11013.

    QID Detection Logic (authenticated and unauthenticated):
    The QID checks for vulnerable versions of Zoho ManageEngine SupportCenter Plus.

    Consequence
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system.
    Solution
    The vendor has released a patch.
    Customers are advised to visit the release notes for updates pertaining to this vulnerability.
    Patches
    SupportCenter Plus
  • CVE-2021-44077
    Recently Published

    Zoho ManageEngine ServiceDesk Plus Remote Code Execution (RCE) Vulnerability

    Severity
    Critical4
    Qualys ID
    376137
    Date Published
    December 8, 2021
    Vendor Reference
    ServiceDesk Plus
    CVE Reference
    CVE-2021-44077
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description

    ManageEngine ServiceDesk Plus is Help Desk and Asset Management software. It offers an integrated package with Incident Management (Trouble Ticketing), Asset Tracking, Purchasing, Contract Management, Self-Service Portal, and Knowledge Base.
    Zoho ManageEngine ServiceDesk Plus (SDP) before 11306 allows unauthenticated remote code execution (RCE).


    Affected Versions:
    Zoho ServiceDesk Plus (SDP) before 11306

    QID Detection Logic (authenticated and unauthenticated):
    The QID checks for vulnerable versions of Zoho ManageEngine ServiceDesk Plus.

    Consequence
    Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to execute arbitrary code on the target system.
    Solution
    Customers are advised to update to Zoho ManageEngine ServiceDesk Plus build 11306 or later.
    Patches
    ServiceDesk Plus
  • CVE-2021-40743+
    Recently Published

    Adobe InDesign Multiple Vulnerabilities (APSB21-107)

    Severity
    Critical4
    Qualys ID
    376125
    Date Published
    December 8, 2021
    Vendor Reference
    APSB21-107
    CVE Reference
    CVE-2021-40743, CVE-2021-42732, CVE-2021-42731
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description

    Adobe InDesign is a desktop publishing software application.
    Affected Version:
    16.4 and earlier versions for macOS and Windows

    QID Detection Logic (Authenticated):
    This QID checks for vulnerable versions of InDesign.

    Consequence
    Successful exploitation could lead to arbitrary code execution and denial of service.

    Solution
    Please refer to Adobe advisory APSB21-107 for details.
    Patches
    APSB21-107
  • CVE-2021-40776
    Recently Published

    Adobe Lightroom Classic Privilege escalation Vulnerability (APSB21-97)

    Severity
    Urgent5
    Qualys ID
    376135
    Date Published
    December 7, 2021
    Vendor Reference
    APSB21-97
    CVE Reference
    CVE-2021-40776
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Adobe Lightroom is a RAW converter. When you add images, it manages the file type in the background. Lightroom supports images in all kinds of formats.

    This update addresses a critical privilege escalation vulnerability in Adobe Lightroom.

    Affected Versions:
    Adobe Lightroom Classic 10.3 and earlier versions.

    QID Detection Logic:
    This QID checks the Windows registry to see if Adobe Lightroom Classic is installed. If found, it checks whether the installed version is vulnerable.

    Consequence
    Successful exploitation could lead to arbitrary code execution in the context of the current user.

    Solution
    The vendor has released a patch for Adobe Prelude.
    For more information, please visit APSB21-97.
    Patches
    APSB21-97
  • CVE-2021-26104
    Recently Published

    FortiGate FortiManager and FortiAnalyzer OS command injection Vulnerability (CWE-78)

    Severity
    Critical4
    Qualys ID
    376126
    Date Published
    December 7, 2021
    Vendor Reference
    CVE-2021-26104
    CVE Reference
    CVE-2021-26104
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    FortiManager provides centralized policy-based provisioning, device configuration, and update management for FortiGate, FortiWiFi, and FortiMail appliances, and FortiClient end-point security agents, plus end-to-end network monitoring and device control.

    The vulnerability allows a local user to escalate privileges on the system. The vulnerability exists due to improper input validation in the command line interface. A local user can execute arbitrary shell commands as root via specifically crafted CLI command parameters.

    Affected Products:
    FortiManager versions 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.10, 5.6.11, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5
    FortiAnalyzer versions 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.10, 5.6.11, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5

    QID Detection Logic(Authenticated):
    The QID runs the command "get system status" and matches the reported version against the affected versions.

    Consequence
    The vulnerability allows a local user to escalate privileges on the system and execute arbitrary shell commands as root via specifically crafted CLI command parameters.
    Solution

    Customers are advised to refer to CVE-2021-26104 for more information.

    Patches
    CVE-2021-26104
  • CVE-2021-43527
    Recently Published

    Fedora Security Update for nss (FEDORA-2021-d0be347892)

    Severity
    Critical4
    Qualys ID
    282094
    Date Published
    December 6, 2021
    Vendor Reference
    FEDORA-2021-d0be347892
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Fedora has released a security update for nss to fix the vulnerabilities.

    Affected OS:
    Fedora 34


    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system. Additionally, this vulnerability can be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Refer to the Fedora 34 security advisory FEDORA-2021-d0be347892 for updates and patch information.
    Patches
    Fedora 34 FEDORA-2021-d0be347892
  • CVE-2021-40391
    Recently Published

    Debian Security Update for gerbv (DLA 2839-1)

    Severity
    Urgent5
    Qualys ID
    178926
    Date Published
    December 6, 2021
    Vendor Reference
    DLA 2839-1
    CVE Reference
    CVE-2021-40391
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Debian has released a security update for gerbv to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2839-1 for updates and patch information.
    Patches
    Debian DLA 2839-1
  • CVE-2021-21685+
    Recently Published

    Red Hat OpenShift Container Platform 569 Security Update (RHSA-2021:4827)

    Severity
    Critical4
    Qualys ID
    239929
    Date Published
    December 6, 2021
    Vendor Reference
    RHSA-2021:4827
    CVE Reference
    CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

    Security Fix(es):
    • jenkins-2-plugins/subversion: does not restrict the name of a file when looking up a Subversion key (CVE-2021-21698)
    • jenkins: FilePath#mkdirs does not check permission to create parent directories (CVE-2021-21685)
    • jenkins: file path filters do not canonicalize paths, allowing operations

    Affected Products:

    • Red Hat OpenShift Container Platform 3.11 x86_64
    • Red Hat OpenShift Container Platform for Power 3.11 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4827 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4827
  • CVE-2021-21899+
    Recently Published

    Debian Security Update for librecad (DLA 2838-1)

    Severity
    Critical4
    Qualys ID
    178927
    Date Published
    December 6, 2021
    Vendor Reference
    DLA 2838-1
    CVE Reference
    CVE-2021-21899, CVE-2021-21898, CVE-2021-21900
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Debian has released a security update for librecad to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2838-1 for updates and patch information.
    Patches
    Debian DLA 2838-1
  • CVE-2021-27291
    Recently Published

    OpenSUSE Security Update for python-Pygments (openSUSE-SU-2021:1521-1)

    Severity
    Critical4
    Qualys ID
    751444
    Date Published
    December 6, 2021
    Vendor Reference
    openSUSE-SU-2021:1521-1
    CVE Reference
    CVE-2021-27291
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    OpenSUSE has released a security update for python-Pygments to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.2

    Consequence
    This vulnerability can be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:1521-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:1521-1
  • CVE-2021-41617
    Recently Published

    SUSE Enterprise Linux Security Update for openssh (SUSE-SU-2021:3887-1)

    Severity
    Critical4
    Qualys ID
    751443
    Date Published
    December 6, 2021
    Vendor Reference
    SUSE-SU-2021:3887-1
    CVE Reference
    CVE-2021-41617
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    SUSE has released a security update for openssh to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3887-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3887-1
  • In Development

    Bssaudio Soundweb London Default Credentials Detected

    Severity
    Urgent5
    Qualys ID
    38853
    CVSS Scores
    Base 9.8 / Temporal 9.3
    Description

    Soundweb London represents a truly flexible and scalable system implementing all the major networked audio protocols.

    QID Detection Logic:
    This QID attempts a telnet login with the credentials 'bssaudio:monkey'.

    Consequence
    A remote attacker could access Bssaudio Soundweb to perform malicious activities.
    Solution

    Customers are advised not to use default credentials.

  • CVE-2019-17042+
    Recently Published

    Debian Security Update for rsyslog (DLA 2835-1)

    Severity
    Urgent5
    Qualys ID
    178924
    Date Published
    December 6, 2021
    Vendor Reference
    DLA 2835-1
    CVE Reference
    CVE-2019-17042, CVE-2019-17041
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Debian has released a security update for rsyslog to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2835-1 for updates and patch information.
    Patches
    Debian DLA 2835-1
  • CVE-2018-20721
    Recently Published

    Debian Security Update for uriparser (DLA 2834-1)

    Severity
    Urgent5
    Qualys ID
    178923
    Date Published
    December 6, 2021
    Vendor Reference
    DLA 2834-1
    CVE Reference
    CVE-2018-20721
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Debian has released a security update for uriparser to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2834-1 for updates and patch information.
    Patches
    Debian DLA 2834-1
  • CVE-2021-43527
    Recently Published

    Red Hat Update for nss (RHSA-2021:4919)

    Severity
    Urgent5
    Qualys ID
    239924
    Date Published
    December 6, 2021
    Vendor Reference
    RHSA-2021:4919
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

    Security Fix(es):
    • nss: memory corruption in DecodeECorDSASignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)

    Affected Products:

    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4919 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4919
  • CVE-2021-21685+
    Recently Published

    Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2021:4799)

    Severity
    Critical4
    Qualys ID
    770126
    Date Published
    December 6, 2021
    Vendor Reference
    RHSA-2021:4799
    CVE Reference
    CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

    Security Fix(es):
    • jenkins-2-plugins/subversion: does not restrict the name of a file when

    Affected Products:

    • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
    • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
    • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
    • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4799 for updates and patch information.
    Patches
    Red Hat Enterprise Linux CoreOS RHSA-2021:4799
  • CVE-2021-30648
    Recently Published

    Symantec Advanced Secure Gateway (ASG) and ProxySG Authentication Bypass Vulnerability

    Severity
    Critical4
    Qualys ID
    38854
    Date Published
    December 6, 2021
    Vendor Reference
    SYMSA18331
    CVE Reference
    CVE-2021-30648
    CVSS Scores
    Base 9.8 / Temporal 9.1
    Description
    Symantec ProxySG (SWG) is a proxy or web security gateway hardware/virtual appliance for content filtering, authentication, caching, and ICAP relay.
    The Symantec Advanced Secure Gateway provides comprehensive protection and control over web traffic to support your security and application performance requirements.

    Symantec ProxySG and ASG are prone to the following:
    CVE-2021-30648: Authentication Bypass Vulnerability

    Affected ASG Versions:
    ASG 6.6 and 6.7 prior to 6.7.5.12.
    ASG 7.2 prior to 7.2.7.2.
    ASG 7.3 prior to 7.3.3.3.

    Affected ProxySG Versions:
    ProxySG 6.5, 6.6, and 6.7 prior to 6.7.5.12.
    ProxySG 7.2 prior to 7.2.7.2.
    ProxySG 7.3 prior to 7.3.3.3.

    QID Detection Logic:
    The QID checks for vulnerable versions of ProxySG and ASG; the version is retrieved via SNMP.

    Consequence
    An unauthenticated attacker can execute arbitrary CLI commands, view/modify the appliance configuration and policy, and shutdown/restart the appliance.
    Solution
    Customers are advised to refer to SYMSA18331 for information pertaining to this vulnerability.

    Workaround:
    CVE-2021-30648 is exploitable in ASG and ProxySG only if the attacker can send HTTP/HTTPS requests to the web management console. Customers can mitigate this vulnerability using existing network infrastructure, such as network partitioning and firewalls, to restrict access to the web management console to a trusted network.
    CVE-2021-30648 is not exploitable to perform arbitrary code execution. ASG and ProxySG only provide a restricted CLI and not a general operating system shell. The CLI commands an attacker can execute are restricted to the commands provided by the CLI.
    Patches
    SYMSA18331
  • CVE-2021-44515
    In Development

    Zoho ManageEngine Desktop Central and Desktop Central MSP Authentication Bypass Vulnerability

    Severity
    Critical4
    Qualys ID
    376138
    Vendor Reference
    ManageEngine Desktop Central
    CVE Reference
    CVE-2021-44515
    CVSS Scores
    Base 9.8 / Temporal 9.1
    Description
    Zoho ManageEngine Desktop Central is an integrated desktop and mobile device management software that helps in managing the servers, laptops, desktops, smart phones and tablets from a central point.

    An authentication bypass vulnerability exists in ManageEngine Desktop Central that could result in remote code execution.

    Affected Versions:
    For Enterprise:
    Builds 10.1.2127.17 and below, upgrade to 10.1.2127.18
    Builds 10.1.2128.0 to 10.1.2137.2, upgrade to 10.1.2137.3

    For MSP:
    Builds 10.1.2127.17 and below, upgrade to 10.1.2127.18
    Builds 10.1.2128.0 to 10.1.2137.2, upgrade to 10.1.2137.3

    QID Detection Logic:(Authenticated)
    This QID checks for vulnerable versions of Desktop Central by reading the file "product.conf"; the file's location is retrieved from registry values.

    Consequence
    If exploited, an attacker can gain unauthorized access to the product by sending a specially crafted request, leading to remote code execution.
    Solution
    Customers are advised to refer to ManageEngine Desktop Central and ManageEngine Desktop Central MSP for information pertaining to this vulnerability.
    Patches
    ManageEngine Desktop Central and MSP
  • CVE-2021-21685+
    Recently Published

    Red Hat OpenShift Container Platform 4.6 Security Update (RHSA-2021:4799)

    Severity
    Critical4
    Qualys ID
    239925
    Date Published
    December 6, 2021
    Vendor Reference
    RHSA-2021:4799
    CVE Reference
    CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

    Security Fix(es):
    • jenkins-2-plugins/subversion: does not restrict the name of a file when

    Affected Products:

    • Red Hat OpenShift Container Platform 4.6 for RHEL 8 x86_64
    • Red Hat OpenShift Container Platform 4.6 for RHEL 7 x86_64
    • Red Hat OpenShift Container Platform for Power 4.6 for RHEL 8 ppc64le
    • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.6 for RHEL 8 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4799 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4799
  • CVE-2016-6893+
    Recently Published

    CentOS Security Update for mailman (CESA-2021:4913)

    Severity
    Critical4
    Qualys ID
    257134
    Date Published
    December 6, 2021
    Vendor Reference
    CESA-2021:4913
    CVE Reference
    CVE-2016-6893, CVE-2021-42097, CVE-2021-44227
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    CentOS has released a security update for mailman to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to CentOS security advisory CESA-2021:4913 for updates and patch information.
    Patches
    centos 7 CESA-2021:4913
  • CVE-2016-6893+
    Recently Published

    Red Hat Update for mailman (RHSA-2021:4913)

    Severity
    Critical4
    Qualys ID
    239928
    Date Published
    December 6, 2021
    Vendor Reference
    RHSA-2021:4913
    CVE Reference
    CVE-2016-6893, CVE-2021-42097, CVE-2021-44227
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description

    Mailman is a program used to help manage e-mail discussion lists.

    Security Fix(es):
    • mailman: CSRF token bypass allows performing CSRF attacks and account takeover (CVE-2021-42097)
    • mailman: CSRF token bypass allows performing CSRF attacks and admin takeover (CVE-2021-44227)
    • mailman: CSRF protection missing in the user options page (CVE-2016-6893)

    Affected Products:

    • Red Hat Enterprise Linux Server 7 x86_64
    • Red Hat Enterprise Linux Workstation 7 x86_64
    • Red Hat Enterprise Linux for IBM z Systems 7 s390x
    • Red Hat Enterprise Linux for Power, big endian 7 ppc64
    • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4913 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4913
  • CVE-2021-40775+
    Recently Published

    Adobe Prelude Multiple Vulnerabilities (APSB21-96)

    Severity
    Critical4
    Qualys ID
    376136
    Date Published
    December 6, 2021
    Vendor Reference
    APSB21-96
    CVE Reference
    CVE-2021-40775, CVE-2021-42738, CVE-2021-42737, CVE-2021-42733, CVE-2021-43011, CVE-2021-43012, CVE-2021-40772, CVE-2021-40771, CVE-2021-40770, CVE-2021-40773, CVE-2021-40774
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Adobe Prelude is an ingest and logging tool for tagging media with metadata for searching, post-production workflows, and footage lifecycle management.

    These updates address critical vulnerabilities in Adobe Prelude.
    Affected Versions:
    Adobe Prelude 10.1 and earlier versions

    QID Detection Logic (Authenticated):
    This QID checks the Windows registry to see if Adobe Prelude is installed. If found, it checks if the installed versions are vulnerable.

    Consequence
    Successful exploitation could lead to arbitrary code execution, memory leak and application denial of service.
    Solution
    The vendor has released a patch for Adobe Prelude.
    For more information, please visit APSB21-96.
    Patches
    APSB21-96
  • CVE-2018-5764
    Recently Published

    Debian Security Update for rsync (DLA 2833-1)

    Severity
    Critical4
    Qualys ID
    178925
    Date Published
    December 6, 2021
    Vendor Reference
    DLA 2833-1
    CVE Reference
    CVE-2018-5764
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Debian has released a security update for rsync to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2833-1 for updates and patch information.
    Patches
    Debian DLA 2833-1
  • CVE-2021-43618
    Recently Published

    Debian Security Update for gmp (DLA 2837-1)

    Severity
    Critical4
    Qualys ID
    178922
    Date Published
    December 6, 2021
    Vendor Reference
    DLA 2837-1
    CVE Reference
    CVE-2021-43618
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Debian has released a security update for gmp to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2837-1 for updates and patch information.
    Patches
    Debian DLA 2837-1
  • CVE-2021-41244
    Recently Published

    Grafana Enterprise Incorrect Access Control Vulnerability

    Severity
    Urgent5
    Qualys ID
    730289
    Date Published
    December 6, 2021
    Vendor Reference
    Grafana Advisory
    CVE Reference
    CVE-2021-41244
    CVSS Scores
    Base 9.1 / Temporal 7.9
    Description

    Grafana is an open-source, general purpose dashboard and graph composer, which runs as a web application.

    Affected By Below Vulnerabilities:
    CVE-2021-41244: In affected versions, when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance, admins are able to access users from other organizations.

    Affected Versions:
    Grafana Version 8.0.0 to 8.2.3

    QID Detection Logic (Unauthenticated):
    This QID checks for a vulnerable version of Grafana Enterprise from the server response.

    Consequence
    Successful exploitation could allow users with the Organization Admin role to list, add, remove, and update user roles in other organizations in which they are not an admin.

    Solution
    Customers are advised to download Grafana Enterprise 8.2.4 to fix this vulnerability.
    Workaround:

    If you cannot upgrade, you should turn off the fine-grained access control using a feature flag.

    Patches
    CVE-2021-41244
  • CVE-2021-43527
    Recently Published

    Red Hat Update for nss (RHSA-2021:4909)

    Severity
    Urgent5
    Qualys ID
    239923
    Date Published
    December 6, 2021
    Vendor Reference
    RHSA-2021:4909
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

    Security Fix(es):
    • nss: memory corruption in DecodeECorDSASignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)

    Affected Products:

    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
    • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
    • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
    • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
    • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
    • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.4 ppc64le
    • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.4 x86_64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4909 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4909
  • CVE-2021-43527
    Recently Published

    Debian Security Update for nss (DLA 2836-1)

    Severity
    Urgent5
    Qualys ID
    178921
    Date Published
    December 6, 2021
    Vendor Reference
    DLA 2836-1
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Debian has released a security update for nss to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Debian security advisory DLA 2836-1 for updates and patch information.
    Patches
    Debian DLA 2836-1
  • CVE-2018-9517+
    Recently Published

    OpenSUSE Security Update for the Linux Kernel (openSUSE-SU-2021:3876-1)

    Severity
    Critical4
    Qualys ID
    751441
    Date Published
    December 6, 2021
    Vendor Reference
    openSUSE-SU-2021:3876-1
    CVE Reference
    CVE-2018-9517, CVE-2020-0429, CVE-2021-3759, CVE-2020-12770, CVE-2021-3760, CVE-2020-4788, CVE-2021-3640, CVE-2021-3753, CVE-2021-41864, CVE-2021-3655, CVE-2021-3715, CVE-2021-31916, CVE-2021-34981, CVE-2021-3659, CVE-2021-42252, CVE-2021-37159, CVE-2019-3874, CVE-2021-42739, CVE-2018-13405, CVE-2021-22543, CVE-2020-3702, CVE-2021-3744, CVE-2021-38198, CVE-2021-3772, CVE-2021-33909, CVE-2021-3542, CVE-2021-34556, CVE-2021-42008, CVE-2021-0941, CVE-2021-3764, CVE-2021-3752, CVE-2021-3679, CVE-2021-3656, CVE-2021-33033, CVE-2021-38204, CVE-2021-40490, CVE-2021-3732, CVE-2021-3653, CVE-2021-38160, CVE-2021-20322, CVE-2019-3900, CVE-2021-35477, CVE-2021-37576
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    OpenSUSE has released a security update for the Linux Kernel to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3876-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3876-1
  • CVE-2021-30846+
    Recently Published

    OpenSUSE Security Update for webkit2gtk3 (openSUSE-SU-2021:3874-1)

    Severity
    Critical4
    Qualys ID
    751440
    Date Published
    December 6, 2021
    Vendor Reference
    openSUSE-SU-2021:3874-1
    CVE Reference
    CVE-2021-30846, CVE-2021-30851
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    OpenSUSE has released a security update for webkit2gtk3 to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3874-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3874-1
  • CVE-2018-9517+
    Recently Published

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3876-1)

    Severity
    Critical4
    Qualys ID
    751437
    Date Published
    December 6, 2021
    Vendor Reference
    SUSE-SU-2021:3876-1
    CVE Reference
    CVE-2018-9517, CVE-2020-0429, CVE-2021-3759, CVE-2020-12770, CVE-2021-3760, CVE-2020-4788, CVE-2021-3640, CVE-2021-3753, CVE-2021-41864, CVE-2021-3655, CVE-2021-3715, CVE-2021-31916, CVE-2021-34981, CVE-2021-3659, CVE-2021-42252, CVE-2021-37159, CVE-2019-3874, CVE-2021-42739, CVE-2018-13405, CVE-2021-22543, CVE-2020-3702, CVE-2021-3744, CVE-2021-38198, CVE-2021-3772, CVE-2021-33909, CVE-2021-3542, CVE-2021-34556, CVE-2021-42008, CVE-2021-0941, CVE-2021-3764, CVE-2021-3752, CVE-2021-3679, CVE-2021-3656, CVE-2021-33033, CVE-2021-38204, CVE-2021-40490, CVE-2021-3732, CVE-2021-3653, CVE-2021-38160, CVE-2021-20322, CVE-2019-3900, CVE-2021-35477, CVE-2021-37576
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    SUSE has released a security update for kernel to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15 SP1
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3876-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3876-1
  • CVE-2021-26221+
    Recently Published

    OpenSUSE Security Update for netcdf (openSUSE-SU-2021:3873-1)

    Severity
    Critical4
    Qualys ID
    751439
    Date Published
    December 6, 2021
    Vendor Reference
    openSUSE-SU-2021:3873-1
    CVE Reference
    CVE-2021-26221, CVE-2021-26222, CVE-2019-20006, CVE-2021-31348, CVE-2021-31347, CVE-2019-20005, CVE-2019-20007, CVE-2021-26220, CVE-2019-20201, CVE-2019-20202, CVE-2021-31598, CVE-2019-20198, CVE-2019-20199, CVE-2021-31229, CVE-2019-20200, CVE-2021-30485
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    OpenSUSE has released a security update for netcdf to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system. Additionally, this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3873-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3873-1
  • CVE-2021-42269+
    Recently Published

    Adobe Animate Multiple Vulnerabilities (APSB21-105)

    Severity
    Critical4
    Qualys ID
    376134
    Date Published
    December 6, 2021
    Vendor Reference
    APSB21-105
    CVE Reference
    CVE-2021-42269, CVE-2021-42268, CVE-2021-42267, CVE-2021-42266, CVE-2021-40733, CVE-2021-42525, CVE-2021-42524, CVE-2021-42272, CVE-2021-42271, CVE-2021-42270
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    Adobe Animate is a multimedia authoring and computer animation program developed by Adobe.

    Affected Versions for Windows
    Adobe Animate 21.0.9 and earlier versions

    Consequence
    Successful exploitation could lead to arbitrary code execution and privilege escalation in the context of the current user.
    Solution
    Vendor Adobe has released the patch to fix this vulnerability. Refer to APSB21-105.
    Patches
    APSB21-105
  • CVE-2021-3058
    Recently Published

    Palo Alto Networks (PAN-OS) OS Command Injection Vulnerability (PAN-176653)

    Severity
    Critical4
    Qualys ID
    730287
    Date Published
    December 6, 2021
    Vendor Reference
    PAN-176653
    CVE Reference
    CVE-2021-3058
    CVSS Scores
    Base 7.2 / Temporal 6.3
    Description
    PAN OS is the software that runs all Palo Alto Networks next-generation firewalls.

    An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use the XML API to execute arbitrary OS commands to escalate privileges.
    Affected Versions:
    PAN-OS 10.1 versions earlier than PAN-OS 10.1.3
    PAN-OS 10.0 versions earlier than PAN-OS 10.0.8
    PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2
    PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3
    PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1
    QID Detection Logic (Authenticated):
    This QID looks for the vulnerable version of PAN-OS.

    NOTE: This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API.

    Consequence

    An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use the XML API to execute arbitrary OS commands to escalate privileges.

    Solution

    Refer to PAN-176653 for more information about patching this vulnerability.

    Workaround:
    Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058. This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.

    Patches
    PAN-176653
  • CVE-2021-41617
    Recently Published

    SUSE Enterprise Linux Security Update for openssh (SUSE-SU-2021:3875-1)

    Severity
    Critical4
    Qualys ID
    751435
    Date Published
    December 6, 2021
    Vendor Reference
    SUSE-SU-2021:3875-1
    CVE Reference
    CVE-2021-41617
    CVSS Scores
    Base 7 / Temporal 6.1
    Description
    SUSE has released a security update for openssh to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 12 SP4
    SUSE Linux Enterprise Server 12 SP5
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3875-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3875-1
  • CVE-2021-31916+
    Recently Published

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3877-1)

    Severity
    Critical4
    Qualys ID
    751436
    Date Published
    December 6, 2021
    Vendor Reference
    SUSE-SU-2021:3877-1
    CVE Reference
    CVE-2021-31916, CVE-2021-34981, CVE-2021-20322, CVE-2021-0941
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    SUSE has released a security update for kernel to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server 12 SP5
    SUSE Linux Enterprise (Desktop|Server) 12 SP5
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3877-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3877-1
  • CVE-2020-10245
    Recently Published

    3S-Smart CODESYS V3 Unauthenticated Remote Heap Overflow Vulnerability (Advisory 2020-03)

    Severity
    Urgent5
    Qualys ID
    590606
    Date Published
    December 6, 2021
    Vendor Reference
    Advisory 2020-03
    CVE Reference
    CVE-2020-10245
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Affected Products:
    All variants of the following CODESYS V3 products in all versions prior to V3.5.16.10 containing the CmpRouter or CmpRouterEmbedded component are affected.

    QID Detection Logic (Authenticated):
    This QID checks for the vulnerable version using Windows registry keys.

    Consequence
    Specially crafted requests may cause a heap-based buffer overflow. Furthermore, this could crash the web server, lead to a denial-of-service condition, or be utilized for remote code execution.
    Solution

    Customers are advised to refer to the CERT MITIGATIONS section of Advisory 2020-03 for affected packages and patching details.

    Patches
    Advisory 2020-03
  • CVE-2020-8277
    Recently Published

    F5 BIG-IP Local Traffic Manager (LTM), Access Policy Manager (APM), Application Security Manager (ASM) Node.js Vulnerability (K07944249)

    Severity
    Critical4
    Qualys ID
    376120
    Date Published
    December 6, 2021
    Vendor Reference
    K07944249
    CVE Reference
    CVE-2020-8277
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions prior to 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1. (CVE-2020-8277)

    Vulnerable Component: BIG-IP APM, LTM, ASM

    Affected Versions:
    16.0.0 - 16.0.1
    15.1.0 - 15.1.4
    14.1.0 - 14.1.4
    13.1.0 - 13.1.4
    12.1.0 - 12.1.6

    QID Detection Logic (Authenticated):
    This QID checks for the vulnerable versions of F5 BIG-IP devices using the tmsh command.

    Consequence
    A remote attacker can exploit the vulnerability with DNS resolution to cause a denial-of-service (DoS) on the affected F5 product.

    Solution
    The vendor has released a patch; for more information, please visit K07944249.
    Patches
    K07944249
  • CVE-2021-24462
    Recently Published

    WordPress Photo Gallery by Ays Plugin Authenticated Blind SQL Injections (CVE-2021-24462)

    Severity
    Urgent5
    Qualys ID
    150432
    Date Published
    December 3, 2021
    Vendor Reference
    Photo Gallery
    CVE Reference
    CVE-2021-24462
    CVSS Scores
    Base 8.8 / Temporal 7.9
    Description
    Gallery - Photo Gallery is a responsive image gallery WordPress plugin that allows you to add unlimited galleries and unlimited images in your preferred format.

    The get_gallery_categories() and get_galleries() functions in the plugin did not whitelist or validate the order-by parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard.

    Affected versions:
    before 4.4.4

    Consequence
    Successful exploitation could allow an unauthenticated, remote attacker to manipulate SQL queries by injecting arbitrary SQL code or further exploit latent vulnerabilities in the underlying database.

    Solution
    Customers are advised to upgrade to Gallery - Photo Gallery 4.4.4 or later versions to remediate this vulnerability.
    Patches
    Photo Gallery
  • CVE-2021-43527
    Recently Published

    Amazon Linux Security Advisory for nss, nss-util, nss-softokn, nspr : ALAS2-2021-1722

    Severity
    Urgent5
    Qualys ID
    353044
    Date Published
    December 2, 2021
    Vendor Reference
    ALAS2-2021-1722
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    NSS (Network Security Services) up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures.
    Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted.
    Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. When verifying a DER-encoded signature, NSS decodes the signature into a fixed-size buffer and passes the buffer to the underlying PKCS #11 module.
    The length of the signature is not correctly checked when processing DSA and RSA-PSS signatures.
    DSA and RSA-PSS signatures larger than 16384 bits will overflow the buffer in VFYContextStr.
    The vulnerable code is located within secvfy.c:vfy_CreateContext. (CVE-2021-43527)

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Please refer to Amazon advisory: ALAS2-2021-1722 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux 2 ALAS2-2021-1722
  • CVE-2021-43527
    Recently Published

    Amazon Linux Security Advisory for nss : ALAS-2021-1552

    Severity
    Urgent5
    Qualys ID
    353043
    Date Published
    December 2, 2021
    Vendor Reference
    ALAS-2021-1552
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    NSS (Network Security Services) up to and including 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures.
    Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted.
    Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. When verifying a DER-encoded signature, NSS decodes the signature into a fixed-size buffer and passes the buffer to the underlying PKCS #11 module.
    The length of the signature is not correctly checked when processing DSA and RSA-PSS signatures.
    DSA and RSA-PSS signatures larger than 16384 bits will overflow the buffer in VFYContextStr.
    The vulnerable code is located within secvfy.c:vfy_CreateContext. (CVE-2021-43527)

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Please refer to Amazon advisory: ALAS-2021-1552 for affected packages and patching details, or update with your package manager.
    Patches
    Amazon Linux ALAS-2021-1552
  • CVE-2021-43527
    Recently Published

    Red Hat Update for nss (RHSA-2021:4903)

    Severity
    Urgent5
    Qualys ID
    239922
    Date Published
    December 2, 2021
    Vendor Reference
    RHSA-2021:4903
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

    Security Fix(es):
    • nss: memory corruption in DecodeECorDSASignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)

    Affected Products:

    • Red Hat Enterprise Linux for x86_64 8 x86_64
    • Red Hat Enterprise Linux for IBM z Systems 8 s390x
    • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
    • Red Hat Enterprise Linux for ARM 64 8 aarch64

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4903 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4903
  • CVE-2021-43527
    Recently Published

    Red Hat Update for nss (RHSA-2021:4904)

    Severity
    Urgent5
    Qualys ID
    239921
    Date Published
    December 2, 2021
    Vendor Reference
    RHSA-2021:4904
    CVE Reference
    CVE-2021-43527
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description

    Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

    Security Fix(es):
    • nss: memory corruption in DecodeECorDSASignature with DSA signatures (and RSA-PSS) (CVE-2021-43527)

    Affected Products:

    • Red Hat Enterprise Linux Server 7 x86_64
    • Red Hat Enterprise Linux Workstation 7 x86_64
    • Red Hat Enterprise Linux Desktop 7 x86_64
    • Red Hat Enterprise Linux for IBM z Systems 7 s390x
    • Red Hat Enterprise Linux for Power, big endian 7 ppc64
    • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
    • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4904 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4904
  • CVE-2021-21685+
    Recently Published

    Red Hat OpenShift Container Platform 4.7 Security Update (RHSA-2021:4801)

    Severity
    Critical4
    Qualys ID
    770125
    Date Published
    December 2, 2021
    Vendor Reference
    RHSA-2021:4801
    CVE Reference
    CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

    Security Fix(es):
    • jenkins-2-plugins/subversion: does not restrict the name of a file when

    Affected Products:

    • Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
    • Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64
    • Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
    • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4801 for updates and patch information.
    Patches
    Red Hat Enterprise Linux CoreOS RHSA-2021:4801
  • CVE-2019-9959+
    Recently Published

    OpenSUSE Security Update for poppler (openSUSE-SU-2021:3854-1)

    Severity
    Critical4
    Qualys ID
    751427
    Date Published
    December 2, 2021
    Vendor Reference
    openSUSE-SU-2021:3854-1
    CVE Reference
    CVE-2019-9959, CVE-2019-9903, CVE-2018-19058, CVE-2018-19149, CVE-2018-20551, CVE-2018-20650, CVE-2019-9200, CVE-2019-7310, CVE-2017-18267, CVE-2018-20662, CVE-2018-13988, CVE-2020-27778, CVE-2018-18897, CVE-2018-19060, CVE-2018-19059, CVE-2019-9631, CVE-2018-20481, CVE-2019-10871, CVE-2019-10872, CVE-2019-14494, CVE-2018-16646
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    OpenSUSE has released a security update for poppler to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3854-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3854-1
  • CVE-2019-9959+
    Recently Published

    SUSE Enterprise Linux Security Update for poppler (SUSE-SU-2021:3854-1)

    Severity
    Critical4
    Qualys ID
    751420
    Date Published
    December 2, 2021
    Vendor Reference
    SUSE-SU-2021:3854-1
    CVE Reference
    CVE-2019-9959, CVE-2019-9903, CVE-2018-19058, CVE-2018-19149, CVE-2018-20551, CVE-2018-20650, CVE-2019-9200, CVE-2019-7310, CVE-2017-18267, CVE-2018-20662, CVE-2018-13988, CVE-2020-27778, CVE-2018-18897, CVE-2018-19060, CVE-2018-19059, CVE-2019-9631, CVE-2018-20481, CVE-2019-10871, CVE-2019-10872, CVE-2019-14494, CVE-2018-16646
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    SUSE has released a security update for poppler to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15
    SUSE Linux Enterprise Server for SAP Applications 15 SP1
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3854-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3854-1
  • CVE-2021-21685+
    Recently Published

    Red Hat OpenShift Container Platform 4.7 Security Update (RHSA-2021:4801)

    Severity
    Critical4
    Qualys ID
    239920
    Date Published
    December 2, 2021
    Vendor Reference
    RHSA-2021:4801
    CVE Reference
    CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

    Security Fix(es):
    • jenkins-2-plugins/subversion: does not restrict the name of a file when

    Affected Products:

    • Red Hat OpenShift Container Platform 4.7 for RHEL 8 x86_64
    • Red Hat OpenShift Container Platform 4.7 for RHEL 7 x86_64
    • Red Hat OpenShift Container Platform for Power 4.7 for RHEL 8 ppc64le
    • Red Hat OpenShift Container Platform for IBM Z and LinuxONE 4.7 for RHEL 8 s390x



    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to Red Hat security advisory RHSA-2021:4801 for updates and patch information.
    Patches
    Red Hat Enterprise Linux RHSA-2021:4801
  • CVE-2021-30851+
    Recently Published

    SUSE Enterprise Linux Security Update for webkit2gtk3 (SUSE-SU-2021:3861-1)

    Severity
    Critical4
    Qualys ID
    751418
    Date Published
    December 2, 2021
    Vendor Reference
    SUSE-SU-2021:3861-1
    CVE Reference
    CVE-2021-30851, CVE-2021-30846
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    SUSE has released a security update for webkit2gtk3 to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 12 SP4
    SUSE Linux Enterprise Server 12 SP5
    SUSE Linux Enterprise Server for SAP Applications 12 SP3
    SUSE Linux Enterprise (Desktop|Server) 12 SP5
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3861-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3861-1
  • CVE-2020-36385
    Recently Published

    CentOS Security Update for kernel (CESA-2021:4777)

    Severity
    Critical4
    Qualys ID
    257131
    Date Published
    December 2, 2021
    Vendor Reference
    CESA-2021:4777
    CVE Reference
    CVE-2020-36385
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    CentOS has released a security update for kernel to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to CentOS security advisory CESA-2021:4777 for updates and patch information.
    Patches
    centos 7 CESA-2021:4777
  • CVE-2021-27291
    Recently Published

    OpenSUSE Security Update for python-Pygments (openSUSE-SU-2021:3839-1)

    Severity
    Critical4
    Qualys ID
    751429
    Date Published
    December 2, 2021
    Vendor Reference
    openSUSE-SU-2021:3839-1
    CVE Reference
    CVE-2021-27291
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    OpenSUSE has released a security update for python-Pygments to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3839-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3839-1
  • CVE-2021-27291
    Recently Published

    OpenSUSE Security Update for python-Pygments (openSUSE-SU-2021:3841-1)

    Severity
    Critical4
    Qualys ID
    751428
    Date Published
    December 2, 2021
    Vendor Reference
    openSUSE-SU-2021:3841-1
    CVE Reference
    CVE-2021-27291
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    OpenSUSE has released a security update for python-Pygments to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3841-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3841-1
  • CVE-2021-31799+
    Recently Published

    SUSE Enterprise Linux Security Update for ruby2.1 (SUSE-SU-2021:3837-1)

    Severity
    Critical4
    Qualys ID
    751423
    Date Published
    December 2, 2021
    Vendor Reference
    SUSE-SU-2021:3837-1
    CVE Reference
    CVE-2021-31799, CVE-2021-31810, CVE-2020-25613, CVE-2021-32066
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    SUSE has released a security update for ruby2.1 to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 12 SP4
    SUSE Linux Enterprise Server 12 SP5
    SUSE Linux Enterprise Server for SAP Applications 12 SP3
    SUSE Linux Enterprise (Desktop|Server) 12 SP5
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3837-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3837-1
  • CVE-2021-27291
    Recently Published

    SUSE Enterprise Linux Security Update for python-Pygments (SUSE-SU-2021:3840-1)

    Severity
    Critical4
    Qualys ID
    751415
    Date Published
    December 2, 2021
    Vendor Reference
    SUSE-SU-2021:3840-1
    CVE Reference
    CVE-2021-27291
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    SUSE has released a security update for python-pygments to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15 SP1
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3840-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3840-1
  • CVE-2021-27291
    Recently Published

    SUSE Enterprise Linux Security Update for python-Pygments (SUSE-SU-2021:3841-1)

    Severity
    Critical4
    Qualys ID
    751412
    Date Published
    December 2, 2021
    Vendor Reference
    SUSE-SU-2021:3841-1
    CVE Reference
    CVE-2021-27291
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    SUSE has released a security update for python-pygments to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3841-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3841-1
  • CVE-2020-25709+
    Recently Published

    EulerOS Security Update for openldap (EulerOS-SA-2021-2602)

    Severity
    Critical4
    Qualys ID
    671140
    Date Published
    December 2, 2021
    Vendor Reference
    EulerOS-SA-2021-2602
    CVE Reference
    CVE-2020-25709, CVE-2020-25710
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    EulerOS has released a security update(s) for openldap to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to EulerOS security advisory EulerOS-SA-2021-2602 for updates and patch information.
    Patches
    EulerOS V2.0SP3 EulerOS-SA-2021-2602
  • CVE-2021-25214+
    Recently Published

    EulerOS Security Update for bind (EulerOS-SA-2021-2572)

    Severity
    Critical4
    Qualys ID
    671133
    Date Published
    December 2, 2021
    Vendor Reference
    EulerOS-SA-2021-2572
    CVE Reference
    CVE-2021-25214, CVE-2021-25215
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    EulerOS has released a security update(s) for bind to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to EulerOS security advisory EulerOS-SA-2021-2572 for updates and patch information.
    Patches
    EulerOS V2.0SP3 EulerOS-SA-2021-2572
  • CVE-2021-31799+
    Recently Published

    OpenSUSE Security Update for ruby2.5 (openSUSE-SU-2021:3838-1)

    Severity
    Critical4
    Qualys ID
    751432
    Date Published
    December 2, 2021
    Vendor Reference
    openSUSE-SU-2021:3838-1
    CVE Reference
    CVE-2021-31799, CVE-2021-31810, CVE-2021-32066
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    OpenSUSE has released a security update for ruby2.5 to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3

    Consequence
    Malicious users could also use this vulnerability to change partial contents or configuration on the system, or to disclose information. Denial of service can appear in some cases too.
    Solution
    Refer to openSUSE security advisory openSUSE-SU-2021:3838-1 for updates and patch information.
    Patches
    OpenSuse openSUSE-SU-2021:3838-1
  • CVE-2021-31799+
    Recently Published

    SUSE Enterprise Linux Security Update for ruby2.5 (SUSE-SU-2021:3838-1)

    Severity
    Critical4
    Qualys ID
    751413
    Date Published
    December 2, 2021
    Vendor Reference
    SUSE-SU-2021:3838-1
    CVE Reference
    CVE-2021-31799, CVE-2021-31810, CVE-2021-32066
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    SUSE has released a security update for ruby2.5 to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server for SAP Applications 15
    SUSE Linux Enterprise Server for SAP Applications 15 SP1
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3838-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3838-1
  • CVE-2021-25217
    Recently Published

    EulerOS Security Update for dhcp (EulerOS-SA-2021-2578)

    Severity
    Critical4
    Qualys ID
    671143
    Date Published
    December 2, 2021
    Vendor Reference
    EulerOS-SA-2021-2578
    CVE Reference
    CVE-2021-25217
    CVSS Scores
    Base 7.4 / Temporal 6.4
    Description
    EulerOS has released a security update(s) for dhcp to fix the vulnerabilities.
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to EulerOS security advisory EulerOS-SA-2021-2578 for updates and patch information.
    Patches
    EulerOS V2.0SP3 EulerOS-SA-2021-2578
  • CVE-2021-31916+
    Recently Published

    SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2021:3848-1)

    Severity
    Critical4
    Qualys ID
    751424
    Date Published
    December 2, 2021
    Vendor Reference
    SUSE-SU-2021:3848-1
    CVE Reference
    CVE-2021-31916, CVE-2021-20322, CVE-2021-37159, CVE-2021-0941, CVE-2021-34981, CVE-2021-3772
    CVSS Scores
    Base 6.7 / Temporal 5.8
    Description
    SUSE has released a security update for kernel to fix the vulnerabilities.

    Affected product(s):
    SUSE Linux Enterprise Server 12 SP5
    Consequence
    Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
    Solution
    Refer to SUSE security advisory SUSE-SU-2021:3848-1 for updates and patch information.
    Patches
    SUSE Enterprise Linux SUSE-SU-2021:3848-1
  • CVE-2019-15149
    In Development

    Python (pip) Security Update for mitogen (GHSA-8rf6-w2mx-4xjh)

    Severity
    Urgent5
    Qualys ID
    983477
    Vendor Reference
    GHSA-8rf6-w2mx-4xjh
    CVE Reference
    CVE-2019-15149
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    ** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8rf6-w2mx-4xjh for updates pertaining to this vulnerability.
    Patches
    mitogen GHSA-8rf6-w2mx-4xjh
  • CVE-2017-5954
    In Development

    Nodejs (npm) Security Update for serialize-to-js (GHSA-mm62-wxc8-cf7m)

    Severity
    Urgent5
    Qualys ID
    983385
    Vendor Reference
    GHSA-mm62-wxc8-cf7m
    CVE Reference
    CVE-2017-5954
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Affected versions of `serialize-to-js` may be vulnerable to arbitrary code execution through an Immediately Invoked Function Expression (IIFE).

    ## Proof of Concept
    ```
    var payload = "{e: (function(){ eval('console.log(`exploited`)') })() }"
    var serialize = require('serialize-to-js');
    serialize.deserialize(payload);
    ```


    ## Recommendation

    Update to version 1.0.0, or later, and review [this disclaimer](https://www.npmjs.com/package/serialize-to-js#deserialize) from the author.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mm62-wxc8-cf7m for updates pertaining to this vulnerability.
    Patches
    serialize-to-js GHSA-mm62-wxc8-cf7m
  • CVE-2018-3757
    In Development

    Nodejs (npm) Security Update for pdf-image (GHSA-5gwh-g79j-vh4q)

    Severity
    Urgent5
    Qualys ID
    983384
    Vendor Reference
    GHSA-5gwh-g79j-vh4q
    CVE Reference
    CVE-2018-3757
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Versions of `pdf-image` before 2.0.0 are vulnerable to command injection. This vulnerability is exploitable if the attacker has control over the `pdfFilePath` variable passed into `pdf-image`.


    ## Recommendation

    Update to version 2.0.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5gwh-g79j-vh4q for updates pertaining to this vulnerability.
    Patches
    pdf-image GHSA-5gwh-g79j-vh4q
  • CVE-2021-43786
    In Development

    Nodejs (npm) Security Update for nodebb (GHSA-hf2m-j98r-4fqw)

    Severity
    Urgent5
    Qualys ID
    983308
    Vendor Reference
    GHSA-hf2m-j98r-4fqw
    CVE Reference
    CVE-2021-43786
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Security update has been released for nodebb to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Incorrect logic present in the token verification step unintentionally allowed master token access to the API.
    Solution
    The vulnerability has been patched as of v1.18.5. Workaround:
    Cherry-pick commit hash 04dab1d550cdebf4c1567bca9a51f8b9ca48a500 to receive this patch in lieu of a full upgrade.
    Patches
    nodebb GHSA-hf2m-j98r-4fqw
  • CVE-2021-43787
    In Development

    Nodejs (npm) Security Update for nodebb (GHSA-wx69-rvg3-x7fc)

    Severity
    Urgent5
    Qualys ID
    983309
    Vendor Reference
    GHSA-wx69-rvg3-x7fc
    CVE Reference
    CVE-2021-43787
    CVSS Scores
    Base 6.1 / Temporal 5.3
    Description
    Security update has been released for nodebb to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    A prototype pollution vulnerability in the uploader module allowed a malicious user to inject arbitrary data (i.e. JavaScript) into the DOM, theoretically allowing for an account takeover when used in conjunction with a path traversal vulnerability disclosed at the same time as this report.
    Solution
    The vulnerability has been patched as of v1.18.5. Workaround:
    Cherry-pick commit hash 1783f918bc19568f421473824461ff2ed7755e4c to receive this patch in lieu of a full upgrade.
    Patches
    nodebb GHSA-wx69-rvg3-x7fc
  • Recently Published

    Microsoft Windows 10 Elevation of Privilege Vulnerability (Zero-day)

    Severity
    Urgent5
    Qualys ID
    91842
    Date Published
    December 1, 2021
    CVSS Scores
    Base 5.5 / Temporal 5.1
    Description
    An unpatched (zero-day) Windows security vulnerability could allow information disclosure and Local Privilege Escalation (LPE) on vulnerable systems.
    The incompletely patched vulnerability for CVE-2021-24084 could also be exploited to gain administrator privileges and run malicious code on Windows 10 machines running the latest security updates.

    Affected Software:
    Windows 10 Version 20H2
    Windows 10 Version 21H1
    Windows 10 Version 2004
    Windows 10 Version 1909
    Windows 10 Version 1903
    Windows 10 Version 1809

    Note: Windows Servers, Windows 11, and Windows 10 (Version 1803 and earlier) are not affected.

    Consequence
    The vulnerable functionality exists under the "access work or school" settings. A normal user can make use of the "export your management log files" function, which triggers the Device Management Enrollment Service.
    Solution
    There are no vendor supplied patches available at this time.
  • CVE-2019-5480
    In Development

    Nodejs (npm) Security Update for statichttpserver (GHSA-2j5x-56p6-hj6x)

    Severity
    Urgent5
    Qualys ID
    983393
    Vendor Reference
    GHSA-2j5x-56p6-hj6x
    CVE Reference
    CVE-2019-5480
    CVSS Scores
    Base 5.3 / Temporal 4.6
    Description
    All versions of `statichttpserver` are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths.


    ## Recommendation

    No fix is currently available. Consider using an alternative package until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2j5x-56p6-hj6x for updates pertaining to this vulnerability.
    Patches
    statichttpserver GHSA-2j5x-56p6-hj6x
  • CVE-2014-9682
    In Development

    Nodejs (npm) Security Update for dns-sync (GHSA-wxvm-fh75-mpgr)

    Severity
    Urgent5
    Qualys ID
    983496
    Vendor Reference
    GHSA-wxvm-fh75-mpgr
    CVE Reference
    CVE-2014-9682
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Withdrawn, accidental duplicate publish.

    The dns-sync module before 0.1.1 for node.js allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the first argument to the resolve API function.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wxvm-fh75-mpgr for updates pertaining to this vulnerability.
    Patches
    dns-sync GHSA-wxvm-fh75-mpgr
  • In Development

    Nodejs (npm) Security Update for dompurify (GHSA-mjjq-c88q-qhr6)

    Severity
    Urgent5
    Qualys ID
    983378
    Vendor Reference
    GHSA-mjjq-c88q-qhr6
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Versions of `dompurify` prior to 2.0.7 are vulnerable to Cross-Site Scripting (XSS). It is possible to bypass the package sanitization through Mutation XSS, which may allow an attacker to execute arbitrary JavaScript in a victim's browser.


    ## Recommendation

    Upgrade to version 2.0.7 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mjjq-c88q-qhr6 for updates pertaining to this vulnerability.
    Patches
    dompurify GHSA-mjjq-c88q-qhr6
  • In Development

    Nodejs (npm) Security Update for yeoman-genrator (GHSA-f7g4-fm4c-54m9)

    Severity
    Urgent5
    Qualys ID
    983377
    Vendor Reference
    GHSA-f7g4-fm4c-54m9
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 2.0.2 of `yoeman-generator` contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-f7g4-fm4c-54m9 for updates pertaining to this vulnerability.
    Patches
    yeoman-genrator GHSA-f7g4-fm4c-54m9
  • In Development

    Nodejs (npm) Security Update for mogodb-core (GHSA-g4m3-rpxr-h7vg)

    Severity
    Urgent5
    Qualys ID
    983376
    Vendor Reference
    GHSA-g4m3-rpxr-h7vg
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-g4m3-rpxr-h7vg for updates pertaining to this vulnerability.
    Patches
    mogodb-core GHSA-g4m3-rpxr-h7vg
  • In Development

    Nodejs (npm) Security Update for mogoose (GHSA-5mm9-55c9-p5r7)

    Severity
    Urgent5
    Qualys ID
    983375
    Vendor Reference
    GHSA-5mm9-55c9-p5r7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5mm9-55c9-p5r7 for updates pertaining to this vulnerability.
    Patches
    mogoose GHSA-5mm9-55c9-p5r7
  • In Development

    Nodejs (npm) Security Update for mysql-koa (GHSA-x45v-pvpg-hcrh)

    Severity
    Urgent5
    Qualys ID
    983374
    Vendor Reference
    GHSA-x45v-pvpg-hcrh
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-x45v-pvpg-hcrh for updates pertaining to this vulnerability.
    Patches
    mysql-koa GHSA-x45v-pvpg-hcrh
  • In Development

    Nodejs (npm) Security Update for node-ftp (GHSA-5jgp-pg4f-q8vj)

    Severity
    Urgent5
    Qualys ID
    983373
    Vendor Reference
    GHSA-5jgp-pg4f-q8vj
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5jgp-pg4f-q8vj for updates pertaining to this vulnerability.
    Patches
    node-ftp GHSA-5jgp-pg4f-q8vj
  • In Development

    Nodejs (npm) Security Update for node-spdy (GHSA-wfjh-3hq2-r276)

    Severity
    Urgent5
    Qualys ID
    983372
    Vendor Reference
    GHSA-wfjh-3hq2-r276
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wfjh-3hq2-r276 for updates pertaining to this vulnerability.
    Patches
    node-spdy GHSA-wfjh-3hq2-r276
  • In Development

    Nodejs (npm) Security Update for serializes (GHSA-j899-348x-h3rq)

    Severity
    Urgent5
    Qualys ID
    983371
    Vendor Reference
    GHSA-j899-348x-h3rq
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-j899-348x-h3rq for updates pertaining to this vulnerability.
    Patches
    serializes GHSA-j899-348x-h3rq
  • In Development

    Nodejs (npm) Security Update for serilize (GHSA-fw76-p9p2-6pvf)

    Severity
    Urgent5
    Qualys ID
    983370
    Vendor Reference
    GHSA-fw76-p9p2-6pvf
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fw76-p9p2-6pvf for updates pertaining to this vulnerability.
    Patches
    serilize GHSA-fw76-p9p2-6pvf
  • In Development

    Nodejs (npm) Security Update for sparkies (GHSA-c4fm-46gm-4469)

    Severity
    Urgent5
    Qualys ID
    983369
    Vendor Reference
    GHSA-c4fm-46gm-4469
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    This package contained malicious code. The package uploaded system information such as OS and hostname to a remote server.


    ## Recommendation

    Remove the package from your environment. There are no indications of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-c4fm-46gm-4469 for updates pertaining to this vulnerability.
    Patches
    sparkies GHSA-c4fm-46gm-4469
  • In Development

    Nodejs (npm) Security Update for requset (GHSA-w7wg-24g3-2c78)

    Severity
    Urgent5
    Qualys ID
    983368
    Vendor Reference
    GHSA-w7wg-24g3-2c78
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `requset` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-w7wg-24g3-2c78 for updates pertaining to this vulnerability.
    Patches
    requset GHSA-w7wg-24g3-2c78
  • In Development

    Nodejs (npm) Security Update for rqeuest (GHSA-pj97-j597-ppm7)

    Severity
    Urgent5
    Qualys ID
    983367
    Vendor Reference
    GHSA-pj97-j597-ppm7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `rqeuest` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-pj97-j597-ppm7 for updates pertaining to this vulnerability.
    Patches
    rqeuest GHSA-pj97-j597-ppm7
  • In Development

    Nodejs (npm) Security Update for erquest (GHSA-4pmg-jgm5-3jg6)

    Severity
    Urgent5
    Qualys ID
    983366
    Vendor Reference
    GHSA-4pmg-jgm5-3jg6
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `erquest` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4pmg-jgm5-3jg6 for updates pertaining to this vulnerability.
    Patches
    erquest GHSA-4pmg-jgm5-3jg6
  • In Development

    Nodejs (npm) Security Update for carloprojectlesang (GHSA-qj2g-642f-4jrv)

    Severity
    Urgent5
    Qualys ID
    983365
    Vendor Reference
    GHSA-qj2g-642f-4jrv
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `carloprojectlesang` contain obfuscated malware that uploads Discord user tokens to a remote server. This allows attackers to make purchases on behalf of users if they have credit cards linked to their Discord accounts.


    ## Recommendation

    Remove the package from your environment. Review your Discord account access and rotate tokens if possible. If a credit card was linked to a compromised account contact your credit card company.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-qj2g-642f-4jrv for updates pertaining to this vulnerability.
    Patches
    carloprojectlesang GHSA-qj2g-642f-4jrv
  • In Development

    Nodejs (npm) Security Update for discord_debug_log (GHSA-5x8q-gj67-rhf2)

    Severity
    Urgent5
    Qualys ID
    983364
    Vendor Reference
    GHSA-5x8q-gj67-rhf2
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `discord_debug_log` contain obfuscated malware that uploads Discord user tokens to a remote server. This allows attackers to make purchases on behalf of users if they have credit cards linked to their Discord accounts.


    ## Recommendation

    Remove the package from your environment. Review your Discord account access and rotate tokens if possible. If a credit card was linked to a compromised account contact your credit card company.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5x8q-gj67-rhf2 for updates pertaining to this vulnerability.
    Patches
    discord_debug_log GHSA-5x8q-gj67-rhf2
  • In Development

    Nodejs (npm) Security Update for carloprojectdiscord (GHSA-9rwj-8mh9-4876)

    Severity
    Urgent5
    Qualys ID
    983363
    Vendor Reference
    GHSA-9rwj-8mh9-4876
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `carloprojectdiscord` contain obfuscated malware that uploads Discord user tokens to a remote server. This allows attackers to make purchases on behalf of users if they have credit cards linked to their Discord accounts.


    ## Recommendation

    Remove the package from your environment. Review your Discord account access and rotate tokens if possible. If a credit card was linked to a compromised account contact your credit card company.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-9rwj-8mh9-4876 for updates pertaining to this vulnerability.
    Patches
    carloprojectdiscord GHSA-9rwj-8mh9-4876
  • In Development

    Nodejs (npm) Security Update for donotinstallthis (GHSA-73hr-6785-f5p8)

    Severity
    Urgent5
    Qualys ID
    983362
    Vendor Reference
    GHSA-73hr-6785-f5p8
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    The package `donotinstallthis` contained malicious code. The package contained a script that was run as part of the install script. The script contacted a remote service tracking how many installations were done. There is no further compromise.


    ## Recommendation

    Remove the package from your environment.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-73hr-6785-f5p8 for updates pertaining to this vulnerability.
    Patches
    donotinstallthis GHSA-73hr-6785-f5p8
  • In Development

    Nodejs (npm) Security Update for destroyer-of-worlds (GHSA-w3f3-4j22-2v3p)

    Severity
    Urgent5
    Qualys ID
    983361
    Vendor Reference
    GHSA-w3f3-4j22-2v3p
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    The package `destroyer-of-worlds` contained malicious code. The package contained a bash script that was run as a postinstall script. The script deleted system files and attempted to exhaust resources by creating a large file, a fork bomb and an endless loop. The script targeted UNIX systems.


    ## Recommendation

    Remove the package from your environment and perform additional incident response on your system's files and processes.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-w3f3-4j22-2v3p for updates pertaining to this vulnerability.
    Patches
    destroyer-of-worlds GHSA-w3f3-4j22-2v3p
  • In Development

    Nodejs (npm) Security Update for reqest (GHSA-hg5q-rj62-c43g)

    Severity
    Urgent5
    Qualys ID
    983360
    Vendor Reference
    GHSA-hg5q-rj62-c43g
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `reqest` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-hg5q-rj62-c43g for updates pertaining to this vulnerability.
    Patches
    reqest GHSA-hg5q-rj62-c43g
  • In Development

    Nodejs (npm) Security Update for saync (GHSA-pm9v-325f-5g74)

    Severity
    Urgent5
    Qualys ID
    983359
    Vendor Reference
    GHSA-pm9v-325f-5g74
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `saync` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-pm9v-325f-5g74 for updates pertaining to this vulnerability.
    Patches
    saync GHSA-pm9v-325f-5g74
  • In Development

    Nodejs (npm) Security Update for bowee (GHSA-wgvj-6v57-wjh3)

    Severity
    Urgent5
    Qualys ID
    983358
    Vendor Reference
    GHSA-wgvj-6v57-wjh3
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 1.8.4 of `bowee` contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wgvj-6v57-wjh3 for updates pertaining to this vulnerability.
    Patches
    bowee GHSA-wgvj-6v57-wjh3
  • In Development

    Nodejs (npm) Security Update for whiteproject (GHSA-8j7x-pr59-m5h8)

    Severity
    Urgent5
    Qualys ID
    983357
    Vendor Reference
    GHSA-8j7x-pr59-m5h8
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `whiteproject` contain obfuscated malware that uploads Discord user tokens to a remote server. This allows attackers to make purchases on behalf of users if they have credit cards linked to their Discord accounts.


    ## Recommendation

    Remove the package from your environment. Review your Discord account access and rotate tokens if possible. If a credit card was linked to a compromised account contact your credit card company.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8j7x-pr59-m5h8 for updates pertaining to this vulnerability.
    Patches
    whiteproject GHSA-8j7x-pr59-m5h8
  • In Development

    Nodejs (npm) Security Update for bowe (GHSA-xmmp-hrmx-x5g7)

    Severity
    Urgent5
    Qualys ID
    983356
    Vendor Reference
    GHSA-xmmp-hrmx-x5g7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 1.8.4 of `bowee` contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-xmmp-hrmx-x5g7 for updates pertaining to this vulnerability.
    Patches
    bowe GHSA-xmmp-hrmx-x5g7
  • In Development

    Nodejs (npm) Security Update for browserift (GHSA-43vf-2x6g-p2m5)

    Severity
    Urgent5
    Qualys ID
    983355
    Vendor Reference
    GHSA-43vf-2x6g-p2m5
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 16.3.3 of `browserift` contained malicious code as a preinstall script. The package was a backdoor that opened a connection to a remote server and executed incoming commands on both Unix and Windows machines.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-43vf-2x6g-p2m5 for updates pertaining to this vulnerability.
    Patches
    browserift GHSA-43vf-2x6g-p2m5
  • In Development

    Nodejs (npm) Security Update for colro-name (GHSA-jp9g-5x75-ccp8)

    Severity
    Urgent5
    Qualys ID
    983354
    Vendor Reference
    GHSA-jp9g-5x75-ccp8
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 9.0.0 of `colro-name` contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-jp9g-5x75-ccp8 for updates pertaining to this vulnerability.
    Patches
    colro-name GHSA-jp9g-5x75-ccp8
  • In Development

    Nodejs (npm) Security Update for colour-string (GHSA-8mmf-qp7j-2w24)

    Severity
    Urgent5
    Qualys ID
    983353
    Vendor Reference
    GHSA-8mmf-qp7j-2w24
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 1.5.3 of `colour-string` contained malicious code as a preinstall script. The package downloaded a file from a remote server, executed it and opened a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8mmf-qp7j-2w24 for updates pertaining to this vulnerability.
    Patches
    colour-string GHSA-8mmf-qp7j-2w24
  • In Development

    Nodejs (npm) Security Update for froever (GHSA-2r8f-2665-3gxq)

    Severity
    Urgent5
    Qualys ID
    983352
    Vendor Reference
    GHSA-2r8f-2665-3gxq
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `froever` contain malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2r8f-2665-3gxq for updates pertaining to this vulnerability.
    Patches
    froever GHSA-2r8f-2665-3gxq
  • In Development

    Nodejs (npm) Security Update for hulp (GHSA-fqw7-8v6m-2f86)

    Severity
    Urgent5
    Qualys ID
    983351
    Vendor Reference
    GHSA-fqw7-8v6m-2f86
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `hulp` contain malicious code as a preinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fqw7-8v6m-2f86 for updates pertaining to this vulnerability.
    Patches
    hulp GHSA-fqw7-8v6m-2f86
  • In Development

    Nodejs (npm) Security Update for jqeury (GHSA-4964-cjrr-jg97)

    Severity
    Urgent5
    Qualys ID
    983350
    Vendor Reference
    GHSA-4964-cjrr-jg97
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 3.3.1 of `jqeury` contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4964-cjrr-jg97 for updates pertaining to this vulnerability.
    Patches
    jqeury GHSA-4964-cjrr-jg97
  • In Development

    Nodejs (npm) Security Update for jquerz (GHSA-c6f3-3c98-2j2f)

    Severity
    Urgent5
    Qualys ID
    983349
    Vendor Reference
    GHSA-c6f3-3c98-2j2f
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 1.0.1 of `jquerz` contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-c6f3-3c98-2j2f for updates pertaining to this vulnerability.
    Patches
    jquerz GHSA-c6f3-3c98-2j2f
  • In Development

    Nodejs (npm) Security Update for logsymbles (GHSA-vcg5-9xw6-r56c)

    Severity
    Urgent5
    Qualys ID
    983348
    Vendor Reference
    GHSA-vcg5-9xw6-r56c
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 2.2.0 of `logsymbles` contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vcg5-9xw6-r56c for updates pertaining to this vulnerability.
    Patches
    logsymbles GHSA-vcg5-9xw6-r56c
  • In Development

    Nodejs (npm) Security Update for require-ports (GHSA-qj3g-wfr7-3cv7)

    Severity
    Urgent5
    Qualys ID
    983347
    Vendor Reference
    GHSA-qj3g-wfr7-3cv7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 10.4.0 of `require-ports` contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-qj3g-wfr7-3cv7 for updates pertaining to this vulnerability.
    Patches
    require-ports GHSA-qj3g-wfr7-3cv7
  • In Development

    Nodejs (npm) Security Update for tensorplow (GHSA-m2fp-c79h-rr79)

    Severity
    Urgent5
    Qualys ID
    983346
    Vendor Reference
    GHSA-m2fp-c79h-rr79
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `tensorplow` contain malicious code as a preinstall script. When installed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-m2fp-c79h-rr79 for updates pertaining to this vulnerability.
    Patches
    tensorplow GHSA-m2fp-c79h-rr79
  • In Development

    Nodejs (npm) Security Update for uglyfi-js (GHSA-9xww-fwh9-95c5)

    Severity
    Urgent5
    Qualys ID
    983345
    Vendor Reference
    GHSA-9xww-fwh9-95c5
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 3.4.6 of `uglyfi-js` contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-9xww-fwh9-95c5 for updates pertaining to this vulnerability.
    Patches
    uglyfi-js GHSA-9xww-fwh9-95c5
  • In Development

    Nodejs (npm) Security Update for yeoman-genrator (GHSA-fm7r-2pr7-rw2p)

    Severity
    Urgent5
    Qualys ID
    983344
    Vendor Reference
    GHSA-fm7r-2pr7-rw2p
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 3.1.1 of `yeoman-genrator` contains malicious code as a preinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads a file from a remote server, executes it and opens a backdoor.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fm7r-2pr7-rw2p for updates pertaining to this vulnerability.
    Patches
    yeoman-genrator GHSA-fm7r-2pr7-rw2p
  • In Development

    Nodejs (npm) Security Update for rimrafall (GHSA-8hq2-fcqm-39hq)

    Severity
    Urgent5
    Qualys ID
    983343
    Vendor Reference
    GHSA-8hq2-fcqm-39hq
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 1.0.0 of `rimrafall` contains malicious code as a preinstall script. The package attempts to remove all files in the system's root folder.


    ## Recommendation

    If you installed this package it is likely your machine was erased. If not, remove the package from your system and verify if any files were deleted.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8hq2-fcqm-39hq for updates pertaining to this vulnerability.
    Patches
    rimrafall GHSA-8hq2-fcqm-39hq
  • In Development

    Nodejs (npm) Security Update for angluar-cli (GHSA-8mm3-2mcj-cx6r)

    Severity
    Urgent5
    Qualys ID
    983342
    Vendor Reference
    GHSA-8mm3-2mcj-cx6r
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 0.0.3 of `angluar-cli` contains malicious code as a postinstall script. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package attempts to remove files and stop processes related to McAfee antivirus on macOS.


    ## Recommendation

    Remove the package from your environment and verify whether files were deleted and if processes were stopped.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8mm3-2mcj-cx6r for updates pertaining to this vulnerability.
    Patches
    angluar-cli GHSA-8mm3-2mcj-cx6r
  • In Development

    Nodejs (npm) Security Update for smartsearchwp (GHSA-fgp6-8g62-qx6w)

    Severity
    Urgent5
    Qualys ID
    983341
    Vendor Reference
    GHSA-fgp6-8g62-qx6w
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `smartsearchwp` contain malicious code. The package is malware intended to steal credentials from websites it is loaded in. It traverses DOM elements looking for fields such as `username` and `password` and uploads them to a remote server. The package also port-scans the local gateway and uploads the information to the remote server. It has a feature to fetch commands from the remote server and execute them with `eval`. The npm security team analysis found several bugs in the malware that prevent it from actually performing its actions. The malicious code is also not invoked upon installation or require; it would require transpiling TypeScript code and using it in a website.



    ## Recommendation

    Remove the package from your environment. There is no indication of further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fgp6-8g62-qx6w for updates pertaining to this vulnerability.
    Patches
    smartsearchwp GHSA-fgp6-8g62-qx6w
  • In Development

    Nodejs (npm) Security Update for maleficent (GHSA-cr5w-6rv4-r2qg)

    Severity
    Urgent5
    Qualys ID
    983340
    Vendor Reference
    GHSA-cr5w-6rv4-r2qg
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `maleficent` contain malicious code. The package is a demonstration of possible risks when installing npm packages. It gathers system information such as: environment variables, OS information, network interface, AWS credentials, npm credentials and ssh keys. The package prints the information to a local file but does not upload it to a remote server.



    ## Recommendation

    Remove the package from your environment. There is no further compromise.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-cr5w-6rv4-r2qg for updates pertaining to this vulnerability.
    Patches
    maleficent GHSA-cr5w-6rv4-r2qg
  • In Development

    Nodejs (npm) Security Update for font-scrubber (GHSA-65j7-66p7-9xgf)

    Severity
    Urgent5
    Qualys ID
    983339
    Vendor Reference
    GHSA-65j7-66p7-9xgf
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 1.2.2 of `font-scrubber` contains malicious code as a postinstall script. The package attempts to upload sensitive files from the system to a remote server. The files include configuration files, command history logs, SSH keys and /etc/passwd.


    ## Recommendation

    Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer.

    The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-65j7-66p7-9xgf for updates pertaining to this vulnerability.
    Patches
    font-scrubber GHSA-65j7-66p7-9xgf
  • In Development

    Nodejs (npm) Security Update for shrugging-logging (GHSA-qv78-398w-cxp7)

    Severity
    Urgent5
    Qualys ID
    983338
    Vendor Reference
    GHSA-qv78-398w-cxp7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `shrugging-logging` contain malicious code as a postinstall script. The package fetches the names of all npm packages owned by the user and attempts to add another maintainer to every package as a means of package hijacking.


    ## Recommendation

    Remove the package from your system. If you own any packages that were compromised please contact npm security immediately at security@npmjs.com. Also enable 2FA for publishing to further secure packages you maintain.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-qv78-398w-cxp7 for updates pertaining to this vulnerability.
    Patches
    shrugging-logging GHSA-qv78-398w-cxp7
  • In Development

    Nodejs (npm) Security Update for blubird (GHSA-rvww-x6m4-4vc2)

    Severity
    Urgent5
    Qualys ID
    983337
    Vendor Reference
    GHSA-rvww-x6m4-4vc2
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 3.5.0 of `blubird` contains malicious code. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require the package attempts to start a cryptocurrency miner using coin-hive.


    ## Recommendation

    Remove the package from your environment and verify whether your system is running the cryptocurrency miner.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-rvww-x6m4-4vc2 for updates pertaining to this vulnerability.
    Patches
    blubird GHSA-rvww-x6m4-4vc2
  • In Development

    Nodejs (npm) Security Update for commmander (GHSA-q42c-rrp3-r3xm)

    Severity
    Urgent5
    Qualys ID
    983336
    Vendor Reference
    GHSA-q42c-rrp3-r3xm
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `commmander` contain malicious code. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require the package attempts to start a cryptocurrency miner using coin-hive.


    ## Recommendation

    Remove the package from your environment and verify whether your system is running the cryptocurrency miner.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-q42c-rrp3-r3xm for updates pertaining to this vulnerability.
    Patches
    commmander GHSA-q42c-rrp3-r3xm
  • In Development

    Nodejs (npm) Security Update for commqnder (GHSA-4xgp-xrg3-c73w)

    Severity
    Urgent5
    Qualys ID
    983335
    Vendor Reference
    GHSA-4xgp-xrg3-c73w
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `commqnder` contain malicious code. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require the package attempts to start a cryptocurrency miner using coin-hive.


    ## Recommendation

    Remove the package from your environment and verify whether your system is running the cryptocurrency miner.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4xgp-xrg3-c73w for updates pertaining to this vulnerability.
    Patches
    commqnder GHSA-4xgp-xrg3-c73w
  • In Development

    Nodejs (npm) Security Update for epress (GHSA-vf8q-pw7h-r2x2)

    Severity
    Urgent5
    Qualys ID
    983334
    Vendor Reference
    GHSA-vf8q-pw7h-r2x2
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 4.13.2 of `epress` contains malicious code. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. Upon require the package attempts to start a cryptocurrency miner using coin-hive.


    ## Recommendation

    Remove the package from your environment and verify whether your system is running the cryptocurrency miner.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vf8q-pw7h-r2x2 for updates pertaining to this vulnerability.
    Patches
    epress GHSA-vf8q-pw7h-r2x2
  • In Development

    Nodejs (npm) Security Update for test-module-a (GHSA-76xq-58hj-vwm2)

    Severity
    Urgent5
    Qualys ID
    983333
    Vendor Reference
    GHSA-76xq-58hj-vwm2
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `test-module-a` contain malicious code as a preinstall script. The package fetches the names of all npm packages owned by the user and attempts to add another maintainer to every package as a means of package hijacking.


    ## Recommendation

    Remove the package from your system. If you own any packages that were compromised please contact npm security immediately at security@npmjs.com. Also enable 2FA for publishing to further secure packages you maintain.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-76xq-58hj-vwm2 for updates pertaining to this vulnerability.
    Patches
    test-module-a GHSA-76xq-58hj-vwm2
  • In Development

    Nodejs (npm) Security Update for ng-ui-library (GHSA-2xw5-3767-qxvm)

    Severity
    Urgent5
    Qualys ID
    983332
    Vendor Reference
    GHSA-2xw5-3767-qxvm
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 1.0.987 of `ng-ui-library` contained malicious code. The code, when executed in the browser, would enumerate password, cvc and cardnumber fields from forms and send the extracted values to `https://js-metrics.com/minjs.php?pl=`.



    ## Recommendation

    Remove the package from your environment and evaluate your application to determine whether or not user data was compromised.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2xw5-3767-qxvm for updates pertaining to this vulnerability.
    Patches
    ng-ui-library GHSA-2xw5-3767-qxvm
  • In Development

    Nodejs (npm) Security Update for getcookies (GHSA-3cjv-4phw-gvvv)

    Severity
    Urgent5
    Qualys ID
    983331
    Vendor Reference
    GHSA-3cjv-4phw-gvvv
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    The `getcookies` module contained a backdoor that would allow for a remote attacker to execute arbitrary commands on the system running the malicious module.


    ## Recommendation

    This module should be uninstalled if found used within an application. In addition to removing the installed module, you will also want to evaluate your application to determine whether or not user data or systems were compromised.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3cjv-4phw-gvvv for updates pertaining to this vulnerability.
    Patches
    getcookies GHSA-3cjv-4phw-gvvv
  • In Development

    Nodejs (npm) Security Update for nothing-js (GHSA-353r-3v84-9pjj)

    Severity
    Urgent5
    Qualys ID
    983330
    Vendor Reference
    GHSA-353r-3v84-9pjj
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    `nothing-js` contained a malicious script that attempted to delete all files when `npm test` was run.


    ## Recommendation

    This module has been unpublished from the npm Registry. If you find this module in your environment remove it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-353r-3v84-9pjj for updates pertaining to this vulnerability.
    Patches
    nothing-js GHSA-353r-3v84-9pjj
  • In Development

    Nodejs (npm) Security Update for ladder-text-js (GHSA-33gc-f8v9-v8hm)

    Severity
    Urgent5
    Qualys ID
    983329
    Vendor Reference
    GHSA-33gc-f8v9-v8hm
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    `ladder-text-js` contained a malicious script that attempted to delete all files when `npm test` was run.



    ## Recommendation

    This module has been unpublished from the npm Registry. If you find this module in your environment remove it.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-33gc-f8v9-v8hm for updates pertaining to this vulnerability.
    Patches
    ladder-text-js GHSA-33gc-f8v9-v8hm
  • In Development

    Nodejs (npm) Security Update for boogeyman (GHSA-9hc2-w9gg-q6jw)

    Severity
    Urgent5
    Qualys ID
    983328
    Vendor Reference
    GHSA-9hc2-w9gg-q6jw
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `boogeyman` are considered malicious. This particular package would download a payload from pastebin.com, eval it to read SSH keys and the user's `.npmrc`, and send them to a private pastebin account.


    ## Recommendation

    This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate your ssh keys and your npm token.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-9hc2-w9gg-q6jw for updates pertaining to this vulnerability.
    Patches
    boogeyman GHSA-9hc2-w9gg-q6jw
  • In Development

    Nodejs (npm) Security Update for axois (GHSA-wpfc-3w63-g4hm)

    Severity
    Urgent5
    Qualys ID
    983327
    Vendor Reference
    GHSA-wpfc-3w63-g4hm
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `axois` are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate all credentials found on the compromised machine, as well as completely erase the affected machine and reinstall your Operating System.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wpfc-3w63-g4hm for updates pertaining to this vulnerability.
    Patches
    axois GHSA-wpfc-3w63-g4hm
  • In Development

    Nodejs (npm) Security Update for regenraotr (GHSA-5x7p-gm79-383m)

    Severity
    Urgent5
    Qualys ID
    983326
    Vendor Reference
    GHSA-5x7p-gm79-383m
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `regenraotr` are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate all credentials found on the compromised machine, as well as completely erase the affected machine and reinstall your Operating System.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5x7p-gm79-383m for updates pertaining to this vulnerability.
    Patches
    regenraotr GHSA-5x7p-gm79-383m
  • In Development

    Nodejs (npm) Security Update for regenrator (GHSA-m5p4-7wf9-6w99)

    Severity
    Urgent5
    Qualys ID
    983325
    Vendor Reference
    GHSA-m5p4-7wf9-6w99
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `regenrator` are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate all credentials found on the compromised machine, as well as completely erase the affected machine and reinstall your Operating System.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-m5p4-7wf9-6w99 for updates pertaining to this vulnerability.
    Patches
    regenrator GHSA-m5p4-7wf9-6w99
  • In Development

    Nodejs (npm) Security Update for soket.io (GHSA-wp2p-q35g-3rjj)

    Severity
    Urgent5
    Qualys ID
    983324
    Vendor Reference
    GHSA-wp2p-q35g-3rjj
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `soket.io` are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate all credentials found on the compromised machine, as well as completely erase the affected machine and reinstall your Operating System.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wp2p-q35g-3rjj for updates pertaining to this vulnerability.
    Patches
    soket.io GHSA-wp2p-q35g-3rjj
  • In Development

    Nodejs (npm) Security Update for soket.js (GHSA-x6gq-467r-hwcc)

    Severity
    Urgent5
    Qualys ID
    983323
    Vendor Reference
    GHSA-x6gq-467r-hwcc
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `soket.js` are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate all credentials found on the compromised machine, as well as completely erase the affected machine and reinstall your Operating System.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-x6gq-467r-hwcc for updates pertaining to this vulnerability.
    Patches
    soket.js GHSA-x6gq-467r-hwcc
  • In Development

    Nodejs (npm) Security Update for foever (GHSA-j3qq-qvc8-c6g7)

    Severity
    Urgent5
    Qualys ID
    983322
    Vendor Reference
    GHSA-j3qq-qvc8-c6g7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `foever` are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands.


    ## Recommendation

    This package was published to the npm Registry for a very short period of time. If you happen to find it in your environment you should revoke and rotate all credentials found on the compromised machine, as well as completely erase the affected machine and reinstall your Operating System.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-j3qq-qvc8-c6g7 for updates pertaining to this vulnerability.
    Patches
    foever GHSA-j3qq-qvc8-c6g7
  • In Development

    Nodejs (npm) Security Update for commander-js (GHSA-2hqf-qqmq-pgpp)

    Severity
    Urgent5
    Qualys ID
    983321
    Vendor Reference
    GHSA-2hqf-qqmq-pgpp
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `commander-js` are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When installed, the package downloads an arbitrary file and executes its contents as a post-install script.


    ## Recommendation

    This package is not available on the npm Registry anymore. If you happen to find this package in your environment you should consider the system it was installed on compromised and assess if further response (such as rotating all credentials found on the compromised machine) is necessary.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2hqf-qqmq-pgpp for updates pertaining to this vulnerability.
    Patches
    commander-js GHSA-2hqf-qqmq-pgpp
  • In Development

    Nodejs (npm) Security Update for rrgod (GHSA-277p-xwpp-3jf7)

    Severity
    Urgent5
    Qualys ID
    983320
    Vendor Reference
    GHSA-277p-xwpp-3jf7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `rrgod` are considered malicious. The package is malware designed to run arbitrary scripts. When installed, the package downloads an arbitrary file and executes its contents as its preinstall, install and postinstall scripts.


    ## Recommendation

    This package is not available on the npm Registry anymore. If you happen to find this package in your environment you should consider the system it was installed on compromised and assess if further response (such as rotating all credentials found on the compromised machine) is necessary.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-277p-xwpp-3jf7 for updates pertaining to this vulnerability.
    Patches
    rrgod GHSA-277p-xwpp-3jf7
  • In Development

    Nodejs (npm) Security Update for portionfatty12 (GHSA-p8fm-w787-x6x3)

    Severity
    Urgent5
    Qualys ID
    983319
    Vendor Reference
    GHSA-p8fm-w787-x6x3
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `portionfatty12` are considered malicious. The package is malware designed to steal the user's data. When installed it uploads the user's public SSH keys to a remote server.


    ## Recommendation

    This package is not available on the npm Registry anymore. If you happen to find this package in your environment you should consider the system it was installed on compromised and assess if further response (such as rotating all credentials found on the compromised machine) is necessary.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-p8fm-w787-x6x3 for updates pertaining to this vulnerability.
    Patches
    portionfatty12 GHSA-p8fm-w787-x6x3
  • In Development

    Nodejs (npm) Security Update for 4equest (GHSA-p33q-w45h-2hcj)

    Severity
    Urgent5
    Qualys ID
    983318
    Vendor Reference
    GHSA-p33q-w45h-2hcj
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `4equest` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-p33q-w45h-2hcj for updates pertaining to this vulnerability.
    Patches
    4equest GHSA-p33q-w45h-2hcj
  • In Development

    Nodejs (npm) Security Update for jajajejejiji (GHSA-rggq-f2wf-m6cp)

    Severity
    Urgent5
    Qualys ID
    983317
    Vendor Reference
    GHSA-rggq-f2wf-m6cp
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `jajajejejiji` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-rggq-f2wf-m6cp for updates pertaining to this vulnerability.
    Patches
    jajajejejiji GHSA-rggq-f2wf-m6cp
  • In Development

    Nodejs (npm) Security Update for wepack-cli (GHSA-fpw3-x4xq-6vxq)

    Severity
    Urgent5
    Qualys ID
    983316
    Vendor Reference
    GHSA-fpw3-x4xq-6vxq
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `wepack-cli` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fpw3-x4xq-6vxq for updates pertaining to this vulnerability.
    Patches
    wepack-cli GHSA-fpw3-x4xq-6vxq
  • In Development

    Nodejs (npm) Security Update for asinc (GHSA-87qw-7v97-w34r)

    Severity
    Urgent5
    Qualys ID
    983315
    Vendor Reference
    GHSA-87qw-7v97-w34r
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `asinc` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-87qw-7v97-w34r for updates pertaining to this vulnerability.
    Patches
    asinc GHSA-87qw-7v97-w34r
  • In Development

    Nodejs (npm) Security Update for asymc (GHSA-x6ch-c6rv-f7wh)

    Severity
    Urgent5
    Qualys ID
    983314
    Vendor Reference
    GHSA-x6ch-c6rv-f7wh
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `asymc` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-x6ch-c6rv-f7wh for updates pertaining to this vulnerability.
    Patches
    asymc GHSA-x6ch-c6rv-f7wh
  • In Development

    Nodejs (npm) Security Update for asynnc (GHSA-5fm9-jmv7-fcx5)

    Severity
    Urgent5
    Qualys ID
    983313
    Vendor Reference
    GHSA-5fm9-jmv7-fcx5
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `asynnc` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5fm9-jmv7-fcx5 for updates pertaining to this vulnerability.
    Patches
    asynnc GHSA-5fm9-jmv7-fcx5
  • In Development

    Nodejs (npm) Security Update for asyync (GHSA-rm7c-x424-g2mw)

    Severity
    Urgent5
    Qualys ID
    983312
    Vendor Reference
    GHSA-rm7c-x424-g2mw
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `asyync` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-rm7c-x424-g2mw for updates pertaining to this vulnerability.
    Patches
    asyync GHSA-rm7c-x424-g2mw
  • In Development

    Nodejs (npm) Security Update for aasync (GHSA-9mjp-gv34-3jcf)

    Severity
    Urgent5
    Qualys ID
    983311
    Vendor Reference
    GHSA-9mjp-gv34-3jcf
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `aasync` typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo. There is no further compromise.


    ## Recommendation

    Remove the package from your dependencies and always ensure package names are typed correctly upon installation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-9mjp-gv34-3jcf for updates pertaining to this vulnerability.
    Patches
    aasync GHSA-9mjp-gv34-3jcf
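    The entries above describe three recurring patterns: packages whose names are known to be malicious, typosquats within one or two keystrokes of a popular package (`axois`, `asinc`, `epress`), and packages that run code through npm's preinstall/install/postinstall lifecycle hooks. The script below is an added example, not code from Qualys, npm or any of the packages listed; it audits a package-lock.json (lockfile v2/v3 `packages` map) for all three. The malicious-name list is taken from the advisories on this page, while the popular-package list and the sample lockfile are constructed for the example, and `hasInstallScript` is the flag npm itself writes into the lockfile for packages with install hooks.

```javascript
'use strict';
// Added example, not code from Qualys, npm or any package above. It audits an
// npm lockfile (v2/v3 "packages" map) for the three patterns these advisories
// describe: known malicious names, near-miss typosquats of popular packages,
// and packages that run install-time lifecycle scripts.

// Package names the advisories on this page identify as malicious.
const KNOWN_MALICIOUS = new Set([
  'smartsearchwp', 'maleficent', 'font-scrubber', 'shrugging-logging', 'blubird',
  'commmander', 'commqnder', 'epress', 'test-module-a', 'getcookies', 'nothing-js',
  'ladder-text-js', 'boogeyman', 'axois', 'regenraotr', 'regenrator', 'soket.io',
  'soket.js', 'foever', 'commander-js', 'rrgod', 'portionfatty12', '4equest',
  'jajajejejiji', 'wepack-cli', 'asinc', 'asymc', 'asynnc', 'asyync', 'aasync',
]);

// Popular packages the typosquats above imitate (constructed list; extend it
// from your own dependency inventory).
const POPULAR = ['async', 'axios', 'bluebird', 'commander', 'express', 'forever',
  'regenerator', 'request', 'socket.io', 'webpack-cli'];

// Lifecycle scripts npm runs automatically during `npm install`.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Plain Levenshtein edit distance, single-row dynamic programming.
function levenshtein(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];           // D[i-1][j-1]
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];      // D[i-1][j]
      row[j] = Math.min(above + 1, row[j - 1] + 1,
                        diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = above;
    }
  }
  return row[b.length];
}

// Lockfile keys look like "node_modules/foo" or
// "node_modules/foo/node_modules/@scope/bar"; the package name is the part
// after the last "node_modules/".
function nameFromLockKey(key) {
  const marker = 'node_modules/';
  const idx = key.lastIndexOf(marker);
  return idx === -1 ? key : key.slice(idx + marker.length);
}

// Returns one finding per rule hit: {name, key, rule, target?, distance?}.
function auditLockfile(lock, maxDistance = 2) {
  const findings = [];
  for (const [key, meta] of Object.entries(lock.packages || {})) {
    if (key === '') continue;                 // the root project itself
    const name = nameFromLockKey(key);
    if (KNOWN_MALICIOUS.has(name)) {
      findings.push({ name, key, rule: 'known-malicious' });
    }
    if (!POPULAR.includes(name)) {
      for (const target of POPULAR) {
        const distance = levenshtein(name, target);
        if (distance > 0 && distance <= maxDistance) {
          findings.push({ name, key, rule: 'possible-typosquat', target, distance });
          break;
        }
      }
    }
    // hasInstallScript is what npm records in the lockfile; the scripts check
    // covers entries copied from a package.json instead.
    const hooks = INSTALL_HOOKS.filter((h) => meta.scripts && meta.scripts[h]);
    if (meta.hasInstallScript || hooks.length) {
      findings.push({ name, key, rule: 'install-script' });
    }
  }
  return findings;
}

// Constructed sample lockfile for demonstration; esbuild stands in for a
// legitimate package that ships a postinstall step and must be reviewed, not
// auto-blocked.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app' },
    'node_modules/axois': { version: '0.1.0' },
    'node_modules/express': { version: '4.17.1' },
    'node_modules/font-scrubber': { version: '1.2.2', hasInstallScript: true },
    'node_modules/asinc': { version: '1.0.0' },
    'node_modules/esbuild': { version: '0.19.0', hasInstallScript: true },
  },
};

// Real use: auditLockfile(JSON.parse(fs.readFileSync('package-lock.json', 'utf8')))
for (const f of auditLockfile(SAMPLE_LOCK)) console.log(JSON.stringify(f));
```

    A typosquat hit is a prompt for review, not proof of malice, which is why `express` (itself on the popular list) is never compared and why `esbuild` is reported only for its install hook. Running installs with `--ignore-scripts` in CI and allowlisting the few packages that genuinely need hooks removes the preinstall/postinstall vector that most of the entries above rely on.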
  • In Development

    Nodejs (npm) Security Update for eslint-config-eslint (GHSA-pv55-r6j3-wp94)

    Severity
    Urgent5
    Qualys ID
    983298
    Vendor Reference
    GHSA-pv55-r6j3-wp94
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Version 5.0.2 of `eslint-config-eslint` was published without authorization and was found to contain malicious code. This code would read the user's `.npmrc` file and send any authentication tokens found to a remote server.


    ## Recommendation

    The best course of action if you found this package installed in your environment is to revoke all your npm tokens. You can find instructions on how to do that here: https://docs.npmjs.com/getting-started/working_with_tokens#how-to-revoke-tokens
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-pv55-r6j3-wp94 for updates pertaining to this vulnerability.
    Patches
    eslint-config-eslint GHSA-pv55-r6j3-wp94
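    Several entries above (`shrugging-logging`, `boogeyman`, `eslint-config-eslint`) steal whatever credentials an `.npmrc` file holds. Before revoking tokens it helps to know which registries were configured with one and which entries merely reference an environment variable that npm expands at run time. The parser below is an added example, not npm's own tooling; the sample `.npmrc` and its placeholder token are constructed, and token values are shown only as a four-character prefix.

```javascript
'use strict';
// Added example, not npm's own tooling. Lists which registries in an .npmrc
// carry credentials, so you know which tokens to revoke if a package that
// reads .npmrc was installed. Token values are masked to a short prefix.

// npm writes per-registry credentials as "//host/path/:_authToken=...";
// legacy forms use _auth (base64 user:pass) or _password.
const SCOPED_CRED = /^(\/\/.+?\/):(_authToken|_auth|_password)$/;
const GLOBAL_CRED = new Set(['_authToken', '_auth', '_password']);
// npm expands ${VAR} in .npmrc at run time; such entries hold no secret on disk.
const ENV_REF = /^\$\{[A-Za-z_][A-Za-z0-9_]*\}$/;

function parseNpmrcCredentials(text) {
  const found = [];
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#') || line.startsWith(';')) continue;
    const eq = line.indexOf('=');
    if (eq === -1) continue;
    const key = line.slice(0, eq).trim();
    const value = line.slice(eq + 1).trim();
    let registry;
    let kind;
    const m = key.match(SCOPED_CRED);
    if (m) {
      [, registry, kind] = m;
    } else if (GLOBAL_CRED.has(key)) {
      registry = '(all registries)';   // legacy global credential
      kind = key;
    } else {
      continue;
    }
    const fromEnv = ENV_REF.test(value);
    found.push({
      registry,
      kind,
      fromEnv,
      preview: fromEnv ? value : value.slice(0, 4) + '...',
    });
  }
  return found;
}

// Constructed sample; the token is a placeholder, not a real credential.
const SAMPLE_NPMRC = [
  '# constructed example .npmrc',
  'registry=https://registry.npmjs.org/',
  '//registry.npmjs.org/:_authToken=npm_ExampleTokenValue0000',
  '@corp:registry=https://npm.internal.example:4873/',
  '//npm.internal.example:4873/:_authToken=${NPM_INTERNAL_TOKEN}',
  'always-auth=true',
].join('\n');

// Real use: parseNpmrcCredentials(fs.readFileSync(path.join(os.homedir(), '.npmrc'), 'utf8'))
for (const c of parseNpmrcCredentials(SAMPLE_NPMRC)) {
  console.log(`${c.kind} for ${c.registry}: ${c.preview}${c.fromEnv ? ' (env reference)' : ''}`);
}
```

    An entry that resolves from an environment variable still needs rotating if the malware ran in a shell where that variable was set; the parser only tells you what was readable from the file itself.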
  • CVE-2019-5485
    In Development

    Nodejs (npm) Security Update for gitlabhook (GHSA-549f-73hh-mj38)

    Severity
    Urgent5
    Qualys ID
    983396
    Vendor Reference
    GHSA-549f-73hh-mj38
    CVE Reference
    CVE-2019-5485
    CVSS Scores
    Base 10 / Temporal 8.7
    Description
    All versions of `gitlabhook` are vulnerable to command injection. The package does not validate the body of the POST request and concatenates it into an exec call, allowing attackers to run arbitrary commands on the system.


    ## Recommendation

    No fix is currently available. Consider using an alternative package until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-549f-73hh-mj38 for updates pertaining to this vulnerability.
    Patches
    gitlabhook GHSA-549f-73hh-mj38
  • CVE-2019-10758
    In Development

    Nodejs (npm) Security Update for mongo-express (GHSA-h47j-hc6x-h3qq)

    Severity
    Critical4
    Qualys ID
    983474
    Vendor Reference
    GHSA-h47j-hc6x-h3qq
    CVE Reference
    CVE-2019-10758
    CVSS Scores
    Base 9.9 / Temporal 8.6
    Description
    A security update has been released for mongo-express to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Remote code execution on the host machine by any authenticated user.
    Solution
    Users should upgrade to version `0.54.0`. The advisory lists no workaround for users who cannot upgrade.
    Patches
    mongo-express GHSA-h47j-hc6x-h3qq
  • CVE-2015-8857
    In Development

    Nodejs (npm) Security Update for uglify-js (GHSA-g6f4-j6c2-w3p3)

    Severity
    Critical4
    Qualys ID
    983490
    Vendor Reference
    GHSA-g6f4-j6c2-w3p3
    CVE Reference
    CVE-2015-8857
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Withdrawn, accidental duplicate publish.

    The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten JavaScript.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-g6f4-j6c2-w3p3 for updates pertaining to this vulnerability.
    Patches
    uglify-js GHSA-g6f4-j6c2-w3p3
  • CVE-2018-3746
    In Development

    Nodejs (npm) Security Update for pdfinfojs (GHSA-3pxp-6963-46r9)

    Severity
    Critical4
    Qualys ID
    983427
    Vendor Reference
    GHSA-3pxp-6963-46r9
    CVE Reference
    CVE-2018-3746
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Versions of `pdfinfojs` before 0.4.1 are vulnerable to command injection. This is exploitable if an attacker can control the filename parameter that is passed into the `pdfinfojs` constructor.


    ## Recommendation

    Update to version 0.4.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3pxp-6963-46r9 for updates pertaining to this vulnerability.
    Patches
    pdfinfojs GHSA-3pxp-6963-46r9
  • CVE-2018-3784
    In Development

    Nodejs (npm) Security Update for cryo (GHSA-38f5-ghc2-fcmv)

    Severity
    Critical4
    Qualys ID
    983418
    Vendor Reference
    GHSA-38f5-ghc2-fcmv
    CVE Reference
    CVE-2018-3784
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of `cryo` are vulnerable to code injection due to an insecure implementation of deserialization.


    ## Proof of concept

    ```javascript
    // Proof of concept from the advisory. The frozen document revives
    // attacker-supplied function source: references 0 and 1 carry functions,
    // reference 2 is an object whose toString/valueOf point at them, and
    // reference 3 sets __proto__ to reference 2, so any string or number
    // coercion of the hydrated object (e.g. '' + hydrated) runs that code.
    // Requires the `cryo` package to be installed.
    var Cryo = require('cryo');
    var frozen = '{"root":"_CRYO_REF_3","references":[{"contents":{},"value":"_CRYO_FUNCTION_function () {console.log(\"defconrussia\"); return 1111;}"},{"contents":{},"value":"_CRYO_FUNCTION_function () {console.log(\"defconrussia\");return 2222;}"},{"contents":{"toString":"_CRYO_REF_0","valueOf":"_CRYO_REF_1"},"value":"_CRYO_OBJECT_"},{"contents":{"__proto__":"_CRYO_REF_2"},"value":"_CRYO_OBJECT_"}]}'
    var hydrated = Cryo.parse(frozen);
    console.log(hydrated);
    ```


    ## Recommendation

    No fix is currently available. Consider using an alternative module until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-38f5-ghc2-fcmv for updates pertaining to this vulnerability.
    Patches
    cryo GHSA-38f5-ghc2-fcmv
  • CVE-2020-8149
    In Development

    Nodejs (npm) Security Update for logkitty (GHSA-v8v8-6859-qxm4)

    Severity
    Critical4
    Qualys ID
    983400
    Vendor Reference
    GHSA-v8v8-6859-qxm4
    CVE Reference
    CVE-2020-8149
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Lack of output sanitization allowed an attacker to execute arbitrary shell commands via the logkitty npm package before version 0.7.1.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-v8v8-6859-qxm4 for updates pertaining to this vulnerability.
    Patches
    logkitty GHSA-v8v8-6859-qxm4
  • CVE-2021-21685+
    In Development

    Red Hat Update for OpenShift Container Platform 4.9.9 (RHSA-2021:4833)

    Severity
    Critical4
    Qualys ID
    239919
    Vendor Reference
    RHSA-2021:4833
    CVE Reference
    CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695, CVE-2021-21696, CVE-2021-21697, CVE-2021-21698
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.9. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2021:4834

    Security Fix(es): jenkins-2-plugins/subversion: does not restrict the name of a file when looking up a subversion key (CVE-2021-21698)
    jenkins: FilePath#mkdirs does not check permission to create parent directories (CVE-2021-21685)
    jenkins: File path filters do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories (CVE-2021-21686)
    jenkins: FilePath#untar does not check permission to create symbolic links when unarchiving a symbolic link (CVE-2021-21687)
    jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access (CVE-2021-21688)
    jenkins: FilePath#unzip and FilePath#untar were not subject to any access control (CVE-2021-21689)
    jenkins: Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path (CVE-2021-21690)
    jenkins: Creating symbolic links is possible without the symlink permission (CVE-2021-21691)
    jenkins: The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission on the source path (CVE-2021-21692)
    jenkins: When creating temporary files, permission to create files is only checked after they have been created. (CVE-2021-21693)
    jenkins: FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions (CVE-2021-21694)
    jenkins: FilePath#listFiles lists files outside directories with agent read access when following symbolic links. (CVE-2021-21695)

    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch. Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:4833 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:4833
  • CVE-2021-42739+
    Recently Published

    Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-5165-1)

    Severity
    Critical4
    Qualys ID
    198589
    Date Published
    December 1, 2021
    Vendor Reference
    USN-5165-1
    CVE Reference
    CVE-2021-42739, CVE-2021-42327, CVE-2021-3772, CVE-2021-43056, CVE-2021-43267, CVE-2021-43389, CVE-2021-3760
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The NFC subsystem in the Linux kernel contained a use-after-free vulnerability in its NFC Controller Interface (NCI) implementation.
    The SCTP protocol implementation in the Linux kernel did not properly verify VTAGs in some situations.
    The AMD Radeon GPU driver in the Linux kernel did not properly validate writes in the debugfs file system.
    The FireDTV FireWire driver in the Linux kernel did not properly perform bounds checking in some situations.
    The KVM implementation for POWER8 processors in the Linux kernel did not properly keep track of whether a wakeup event could be resolved by a guest.
    The TIPC protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations.
    The ISDN CAPI implementation in the Linux kernel contained a race condition in certain situations that could trigger an array out-of-bounds bug.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-3760)
    A remote attacker could possibly use this to cause a denial of service (connection disassociation). (CVE-2021-3772)
    A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42327)
    A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739)
    An attacker in a guest VM could possibly use this to cause a denial of service (host OS crash). (CVE-2021-43056)
    An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267)
    A privileged local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2021-43389)
    Solution
    Refer to Ubuntu advisory: USN-5165-1 for affected packages and patching details, or update with your package manager.
    Patches
    Ubuntu Linux USN-5165-1
  • CVE-2016-8640
    In Development

    Python (pip) Security Update for pycsw (GHSA-hg4c-rgvm-964g)

    Severity
    Critical4
    Qualys ID
    983492
    Vendor Reference
    GHSA-hg4c-rgvm-964g
    CVE Reference
    CVE-2016-8640
    CVSS Scores
    Base 9.1 / Temporal 7.9
    Description
    A SQL injection vulnerability in pycsw versions before 2.0.2, 1.10.5 and 1.8.6 allows reading and extracting any data from any table in the pycsw database that the database user has access to. On PostgreSQL (at least) it is also possible to perform updates, inserts, deletes and other modifications to any table the database user has access to.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-hg4c-rgvm-964g for updates pertaining to this vulnerability.
    Patches
    pycsw GHSA-hg4c-rgvm-964g
  • CVE-2021-21898+
    Recently Published

    Fedora Security Update for libdxfrw (FEDORA-2021-67c946a9f3)

    Severity
    Critical4
    Qualys ID
    282089
    Date Published
    December 1, 2021
    Vendor Reference
    FEDORA-2021-67c946a9f3
    CVE Reference
    CVE-2021-21898, CVE-2021-21899, CVE-2021-21900
    CVSS Scores
    Base 8.8 / Temporal 7.7
    Description
    Fedora has released a security update for libdxfrw to fix these vulnerabilities.

    Affected OS:
    Fedora 34

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    This vulnerability could be exploited to gain remote access to sensitive information and execute commands.
    Solution
    Fedora has issued updated packages to fix this vulnerability.

    For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
    Fedora 34 Update

    Patches
    Fedora 34 FEDORA-2021-67c946a9f3
  • CVE-2018-8039
    In Development

    Java (maven) Security Update for org.apache.cxf:apache-cxf (GHSA-jc7r-v6fg-2gpf)

    Severity
    Critical4
    Qualys ID
    983484
    Vendor Reference
    GHSA-jc7r-v6fg-2gpf
    CVE Reference
    CVE-2018-8039
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-jc7r-v6fg-2gpf for updates pertaining to this vulnerability.
    Patches
    org.apache.cxf:apache-cxf GHSA-jc7r-v6fg-2gpf, org.apache.cxf:cxf GHSA-jc7r-v6fg-2gpf
  • CVE-2016-10579
    In Development

    Nodejs (npm) Security Update for chromedriver (GHSA-jh5w-6964-x5cf)

    Severity
    Critical4
    Qualys ID
    983456
    Vendor Reference
    GHSA-jh5w-6964-x5cf
    CVE Reference
    CVE-2016-10579
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `chromedriver` insecurely download resources over HTTP.

    In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. This may result in arbitrary code execution if an attacker intercepts and modifies the downloaded binary file, replacing it with a malicious one.



    ## Recommendation

    Update to version 2.26.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-jh5w-6964-x5cf for updates pertaining to this vulnerability.
    Patches
    chromedriver GHSA-jh5w-6964-x5cf
  • CVE-2016-10654
    In Development

    Nodejs (npm) Security Update for sfml (GHSA-5q5w-mf87-57x4)

    Severity
    Critical4
    Qualys ID
    983453
    Vendor Reference
    GHSA-5q5w-mf87-57x4
    CVE Reference
    CVE-2016-10654
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `sfml` insecurely download resources over HTTP.

    In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on the behavior of the package itself, it ranges from being able to read sensitive information all the way up to and including remote code execution.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5q5w-mf87-57x4 for updates pertaining to this vulnerability.
    Patches
    sfml GHSA-5q5w-mf87-57x4
  • CVE-2016-10644
    In Development

    Nodejs (npm) Security Update for slimerjs-edge (GHSA-5rc6-2r3r-fv79)

    Severity
    Critical4
    Qualys ID
    983452
    Vendor Reference
    GHSA-5rc6-2r3r-fv79
    CVE Reference
    CVE-2016-10644
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `slimerjs-edge` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `slimerjs-edge`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5rc6-2r3r-fv79 for updates pertaining to this vulnerability.
    Patches
    slimerjs-edge GHSA-5rc6-2r3r-fv79
  • CVE-2016-10660
    In Development

    Nodejs (npm) Security Update for fis-parser-sass-bin (GHSA-5pq8-2q24-mj3p)

    Severity
    Critical4
    Qualys ID
    983451
    Vendor Reference
    GHSA-5pq8-2q24-mj3p
    CVE Reference
    CVE-2016-10660
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `fis-parser-sass-bin` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `fis-parser-sass-bin`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5pq8-2q24-mj3p for updates pertaining to this vulnerability.
    Patches
    fis-parser-sass-bin GHSA-5pq8-2q24-mj3p
  • CVE-2016-10655
    In Development

    Nodejs (npm) Security Update for clang-extra (GHSA-59m2-j944-839w)

    Severity
    Critical4
    Qualys ID
    983447
    Vendor Reference
    GHSA-59m2-j944-839w
    CVE Reference
    CVE-2016-10655
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `clang-extra` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `clang-extra`.


    ## Recommendation

    No patch is currently available for this vulnerability. The package author stated that no patch is possible until llvm provides HTTPS support, and a patch would be possible if that ever happened in the future.

    The best mitigation option is to reduce the risk of exploitation as much as possible. This can be done by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-59m2-j944-839w for updates pertaining to this vulnerability.
    Patches
    clang-extra GHSA-59m2-j944-839w
  • CVE-2016-10571
    In Development

    Nodejs (npm) Security Update for bkjs-wand (GHSA-4wm5-q7wv-6jx3)

    Severity
    Critical4
    Qualys ID
    983443
    Vendor Reference
    GHSA-4wm5-q7wv-6jx3
    CVE Reference
    CVE-2016-10571
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `bkjs-wand` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `bkjs-wand`.


    ## Recommendation

    Update to version 0.3.2 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4wm5-q7wv-6jx3 for updates pertaining to this vulnerability.
    Patches
    bkjs-wand GHSA-4wm5-q7wv-6jx3
  • CVE-2016-10682
    In Development

    Nodejs (npm) Security Update for massif (GHSA-4v2c-g2xc-47fv)

    Severity
    Critical4
    Qualys ID
    983439
    Vendor Reference
    GHSA-4v2c-g2xc-47fv
    CVE Reference
    CVE-2016-10682
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `massif` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `massif`.


    ## Recommendation

    No patch is currently available for this vulnerability, and the package has not seen an update since 2013.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4v2c-g2xc-47fv for updates pertaining to this vulnerability.
    Patches
    massif GHSA-4v2c-g2xc-47fv
  • CVE-2016-10606
    In Development

    Nodejs (npm) Security Update for grunt-webdriver-qunit (GHSA-4q79-fch7-g78q)

    Severity
    Critical4
    Qualys ID
    983437
    Vendor Reference
    GHSA-4q79-fch7-g78q
    CVE Reference
    CVE-2016-10606
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `grunt-webdriver-qunit` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `grunt-webdriver-qunit`.


    ## Recommendation

    No patch is currently available for this vulnerability, and the package author has marked the package as deprecated.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4q79-fch7-g78q for updates pertaining to this vulnerability.
    Patches
    grunt-webdriver-qunit GHSA-4q79-fch7-g78q
  • CVE-2016-10650
    In Development

    Nodejs (npm) Security Update for ntfserver (GHSA-476p-r2wx-2wch)

    Severity
    Critical4
    Qualys ID
    983435
    Vendor Reference
    GHSA-476p-r2wx-2wch
    CVE Reference
    CVE-2016-10650
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `ntfserver` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `ntfserver`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-476p-r2wx-2wch for updates pertaining to this vulnerability.
    Patches
    ntfserver GHSA-476p-r2wx-2wch
  • CVE-2016-10668
    In Development

    Nodejs (npm) Security Update for libsbml (GHSA-432j-4fw9-2g6f)

    Severity
    Critical4
    Qualys ID
    983433
    Vendor Reference
    GHSA-432j-4fw9-2g6f
    CVE Reference
    CVE-2016-10668
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `libsbml` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `libsbml`.


    ## Recommendation

    No patch is currently available for this vulnerability, and the package has not seen an update since 2013.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-432j-4fw9-2g6f for updates pertaining to this vulnerability.
    Patches
    libsbml GHSA-432j-4fw9-2g6f
  • CVE-2016-10679
    In Development

    Nodejs (npm) Security Update for selenium-standalone-painful (GHSA-3x83-p476-vv95)

    Severity
    Critical4
    Qualys ID
    983432
    Vendor Reference
    GHSA-3x83-p476-vv95
    CVE Reference
    CVE-2016-10679
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `selenium-standalone-painful` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `selenium-standalone-painful`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3x83-p476-vv95 for updates pertaining to this vulnerability.
    Patches
    selenium-standalone-painful GHSA-3x83-p476-vv95
  • CVE-2016-10627
    In Development

    Nodejs (npm) Security Update for scala-bin (GHSA-3vv5-42wr-m32g)

    Severity
    Critical4
    Qualys ID
    983428
    Vendor Reference
    GHSA-3vv5-42wr-m32g
    CVE Reference
    CVE-2016-10627
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `scala-bin` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `scala-bin`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3vv5-42wr-m32g for updates pertaining to this vulnerability.
    Patches
    scala-bin GHSA-3vv5-42wr-m32g
  • CVE-2016-10623
    In Development

    Nodejs (npm) Security Update for macaca-chromedriver-zxa (GHSA-3c87-r9f7-qfgq)

    Severity
    Critical4
    Qualys ID
    983419
    Vendor Reference
    GHSA-3c87-r9f7-qfgq
    CVE Reference
    CVE-2016-10623
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `macaca-chromedriver-zxa` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `macaca-chromedriver-zxa`.


    ## Recommendation

    The best mitigation is to manually set the download URL to a safe HTTPS server via the `CHROMEDRIVER_CDNURL` environment variable.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3c87-r9f7-qfgq for updates pertaining to this vulnerability.
    Patches
    macaca-chromedriver-zxa GHSA-3c87-r9f7-qfgq
  • CVE-2016-10617
    In Development

    Nodejs (npm) Security Update for box2d-native (GHSA-362x-34h3-h6h6)

    Severity
    Critical4
    Qualys ID
    983416
    Vendor Reference
    GHSA-362x-34h3-h6h6
    CVE Reference
    CVE-2016-10617
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `box2d-native` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `box2d-native`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-362x-34h3-h6h6 for updates pertaining to this vulnerability.
    Patches
    box2d-native GHSA-362x-34h3-h6h6
  • CVE-2016-10576
    In Development

    Nodejs (npm) Security Update for fuseki (GHSA-3627-w2qr-5fxr)

    Severity
    Critical4
    Qualys ID
    983415
    Vendor Reference
    GHSA-3627-w2qr-5fxr
    CVE Reference
    CVE-2016-10576
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `fuseki` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `fuseki`.


    ## Recommendation

    Update to version 1.0.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3627-w2qr-5fxr for updates pertaining to this vulnerability.
    Patches
    fuseki GHSA-3627-w2qr-5fxr
  • CVE-2016-10565
    In Development

    Nodejs (npm) Security Update for operadriver (GHSA-2wrq-wmqf-8vcc)

    Severity
    Critical4
    Qualys ID
    983413
    Vendor Reference
    GHSA-2wrq-wmqf-8vcc
    CVE Reference
    CVE-2016-10565
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    operadriver is an Opera Driver for Selenium.

    operadriver versions below 0.2.3 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker-controlled binary if the attacker is on the network or positioned between the user and the remote server.


    ## Recommendation

    Update to version 0.2.3 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2wrq-wmqf-8vcc for updates pertaining to this vulnerability.
    Patches
    operadriver GHSA-2wrq-wmqf-8vcc
  • CVE-2016-10651
    In Development

    Nodejs (npm) Security Update for webdriver-launcher (GHSA-2vqv-hp3p-fmv8)

    Severity
    Critical4
    Qualys ID
    983412
    Vendor Reference
    GHSA-2vqv-hp3p-fmv8
    CVE Reference
    CVE-2016-10651
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `webdriver-launcher` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `webdriver-launcher`.


    ## Recommendation

    No patch is currently available for this vulnerability, and the package has not seen an update since 2011.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2vqv-hp3p-fmv8 for updates pertaining to this vulnerability.
    Patches
    webdriver-launcher GHSA-2vqv-hp3p-fmv8
  • CVE-2016-10694
    In Development

    Nodejs (npm) Security Update for alto-saxophone (GHSA-2p69-gxpm-5469)

    Severity
    Critical4
    Qualys ID
    983411
    Vendor Reference
    GHSA-2p69-gxpm-5469
    CVE Reference
    CVE-2016-10694
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `alto-saxophone` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `alto-saxophone`.


    ## Recommendation

    Update to version 2.25.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2p69-gxpm-5469 for updates pertaining to this vulnerability.
    Patches
    alto-saxophone GHSA-2p69-gxpm-5469
  • CVE-2016-10559
    In Development

    Nodejs (npm) Security Update for selenium-download (GHSA-2mvm-66q7-m256)

    Severity
    Critical4
    Qualys ID
    983410
    Vendor Reference
    GHSA-2mvm-66q7-m256
    CVE Reference
    CVE-2016-10559
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `selenium-download` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `selenium-download`.


    ## Recommendation

    Update to version 2.0.7 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2mvm-66q7-m256 for updates pertaining to this vulnerability.
    Patches
    selenium-download GHSA-2mvm-66q7-m256
  • CVE-2016-10676
    In Development

    Nodejs (npm) Security Update for rs-brightcove (GHSA-3w76-x94r-pw44)

    Severity
    Critical4
    Qualys ID
    983401
    Vendor Reference
    GHSA-3w76-x94r-pw44
    CVE Reference
    CVE-2016-10676
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `rs-brightcove` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `rs-brightcove`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3w76-x94r-pw44 for updates pertaining to this vulnerability.
    Patches
    rs-brightcove GHSA-3w76-x94r-pw44
  • CVE-2016-10618
    In Development

    Nodejs (npm) Security Update for node-browser (GHSA-8r98-rqg5-4vm3)

    Severity
    Critical4
    Qualys ID
    983388
    Vendor Reference
    GHSA-8r98-rqg5-4vm3
    CVE Reference
    CVE-2016-10618
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    Affected versions of `node-browser` insecurely download resources over HTTP.

    In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and depends on the behavior of the package itself, it ranges from being able to read sensitive information all the way up to and including remote code execution.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8r98-rqg5-4vm3 for updates pertaining to this vulnerability.
    Patches
    node-browser GHSA-8r98-rqg5-4vm3
  • CVE-2019-20201+
    Recently Published

    OpenSUSE Security Update for netcdf (openSUSE-SU-2021:3815-1)

    Severity
    Critical4
    Qualys ID
    751409
    Date Published
    December 1, 2021
    Vendor Reference
    openSUSE-SU-2021:3815-1
    CVE Reference
    CVE-2019-20201, CVE-2019-20199, CVE-2019-20198, CVE-2019-20006, CVE-2019-20007, CVE-2019-20200, CVE-2021-31229, CVE-2021-30485, CVE-2021-31348, CVE-2021-31598, CVE-2019-20202, CVE-2021-26220, CVE-2021-26221, CVE-2021-26222, CVE-2019-20005, CVE-2021-31347
    CVSS Scores
    Base 8.1 / Temporal 7.1
    Description
    OpenSUSE has released a security update for netcdf to fix the vulnerabilities.

    Affected Products:
    openSUSE Leap 15.3


    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system. Additionally this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Upgrade to the latest packages which contain a patch. To install this OpenSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory openSUSE-SU-2021:3815-1 to address this issue and obtain further details.

    Patches
    OpenSuse openSUSE-SU-2021:3815-1
  • CVE-2020-36385+
    Recently Published

    Red Hat Update for kernel-rt (RHSA-2021:4875)

    Severity
    Critical4
    Qualys ID
    239918
    Date Published
    December 1, 2021
    Vendor Reference
    RHSA-2021:4875
    CVE Reference
    CVE-2020-36385, CVE-2021-20317
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description

    The kernel-rt packages provide the Real Time Linux kernel, which enables fine-tuning for systems with extremely high determinism requirements.

    Security Fix(es):
    • kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)
    • kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317)

    Affected Products:

    • Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
    • Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64



    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch.

    Refer to:
    Applying Package Updates to RHEL system
    for details.

    Refer to Red Hat security advisory RHSA-2021:4875 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:4875
  • CVE-2020-36385+
    Recently Published

    Red Hat Update for kernel (RHSA-2021:4871)

    Severity
    Critical4
    Qualys ID
    239917
    Date Published
    December 1, 2021
    Vendor Reference
    RHSA-2021:4871
    CVE Reference
    CVE-2020-36385, CVE-2021-20317
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):
    • kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)
    • kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317)

    Affected Products:

    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.2 s390x
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.2 aarch64
    • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64
    • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 8.2 aarch64



    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch.

    Refer to:
    Applying Package Updates to RHEL system
    for details.

    Refer to Red Hat security advisory RHSA-2021:4871 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:4871
  • CVE-2020-36385
    Recently Published

    Red Hat Update for kpatch-patch (RHSA-2021:4859)

    Severity
    Critical4
    Qualys ID
    239914
    Date Published
    December 1, 2021
    Vendor Reference
    RHSA-2021:4859
    CVE Reference
    CVE-2020-36385
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description

    This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

    Security Fix(es):
    • kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)

    Affected Products:

    • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
    • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
    • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.2 ppc64le
    • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
    • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.2 ppc64le
    • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.2 x86_64



    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch.

    Refer to:
    Applying Package Updates to RHEL system
    for details.

    Refer to Red Hat security advisory RHSA-2021:4859 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:4859
  • CVE-2021-3655+
    Recently Published

    Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5162-1)

    Severity
    Critical4
    Qualys ID
    198586
    Date Published
    December 1, 2021
    Vendor Reference
    USN-5162-1
    CVE Reference
    CVE-2021-3655, CVE-2021-42252, CVE-2021-3744, CVE-2021-43057, CVE-2021-3764
    CVSS Scores
    Base 7.8 / Temporal 6.8
    Description
    The SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations.
    The AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions.
    The ASPEED Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access.
    The SELinux subsystem in the Linux kernel did not properly handle subjective credentials for tasks in some situations.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    An attacker could possibly use this to expose sensitive information (kernel memory) (CVE-2021-3655).
    A local attacker could use this to cause a denial of service (memory exhaustion) (CVE-2021-3744, CVE-2021-3764).
    A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252)
    On systems where SELinux has been enabled, a local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-43057)
    Solution
    Refer to Ubuntu advisory: USN-5162-1 for affected packages and patching details, or update with your package manager.
    Patches
    Ubuntu Linux USN-5162-1
  • CVE-2019-12760
    In Development

    Python (pip) Security Update for parso (GHSA-22mf-97vh-x8rw)

    Severity
    Critical4
    Qualys ID
    983478
    Vendor Reference
    GHSA-22mf-97vh-x8rw
    CVE Reference
    CVE-2019-12760
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    ** DISPUTED ** A deserialization vulnerability exists in the way parso through 0.4.0 handles grammar parsing from the cache. Cache loading relies on pickle and, provided that an evil pickle can be written to a cache grammar file and that its parsing can be triggered, this flaw leads to Arbitrary Code Execution. NOTE: This is disputed because "the cache directory is not under control of the attacker in any common configuration."
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-22mf-97vh-x8rw for updates pertaining to this vulnerability.
    Patches
    parso GHSA-22mf-97vh-x8rw
  • CVE-2018-12022
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-wrr7-33fx-rcvj)

    Severity
    Critical4
    Qualys ID
    983461
    Vendor Reference
    GHSA-wrr7-33fx-rcvj
    CVE Reference
    CVE-2018-12022
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    **Withdrawn:** Duplicate of GHSA-cjjf-94ff-43w7
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wrr7-33fx-rcvj for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-wrr7-33fx-rcvj
  • CVE-2018-3711
    In Development

    Nodejs (npm) Security Update for fastify (GHSA-mq6c-fh97-4gwv)

    Severity
    Critical4
    Qualys ID
    983457
    Vendor Reference
    GHSA-mq6c-fh97-4gwv
    CVE Reference
    CVE-2018-3711
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `fastify` are vulnerable to a denial of service when processing a request with `Content-Type` set to `application/json` and a very large payload.


    ## Recommendation

    Update to version 0.38.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mq6c-fh97-4gwv for updates pertaining to this vulnerability.
    Patches
    fastify GHSA-mq6c-fh97-4gwv
  • CVE-2018-16479
    In Development

    Nodejs (npm) Security Update for http-live-simulator (GHSA-7c9w-qmrq-ff8r)

    Severity
    Critical4
    Qualys ID
    983454
    Vendor Reference
    GHSA-7c9w-qmrq-ff8r
    CVE Reference
    CVE-2018-16479
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Versions of `http-live-simulator` prior to 1.0.7 are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths. For example: `curl --path-as-is http://localhost:8080//../../../../etc/passwd`.


    ## Recommendation

    Upgrade to version 1.0.7.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-7c9w-qmrq-ff8r for updates pertaining to this vulnerability.
    Patches
    http-live-simulator GHSA-7c9w-qmrq-ff8r
  • CVE-2017-16212
    In Development

    Nodejs (npm) Security Update for ltt (GHSA-5jg5-w395-9684)

    Severity
    Critical4
    Qualys ID
    983449
    Vendor Reference
    GHSA-5jg5-w395-9684
    CVE Reference
    CVE-2017-16212
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `ltt` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    Example request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    No patch is available for this vulnerability.

    It is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5jg5-w395-9684 for updates pertaining to this vulnerability.
    Patches
    ltt GHSA-5jg5-w395-9684
  • CVE-2017-16192
    In Development

    Nodejs (npm) Security Update for getcityapi.yoehoehne (GHSA-4vcm-qfxh-p6c3)

    Severity
    Critical4
    Qualys ID
    983441
    Vendor Reference
    GHSA-4vcm-qfxh-p6c3
    CVE Reference
    CVE-2017-16192
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `getcityapi.yoehoehne` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    Example request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    No patch is available for this vulnerability.

    It is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4vcm-qfxh-p6c3 for updates pertaining to this vulnerability.
    Patches
    getcityapi.yoehoehne GHSA-4vcm-qfxh-p6c3
  • CVE-2017-16169
    In Development

    Nodejs (npm) Security Update for looppake (GHSA-4vfj-c2xf-8r48)

    Severity
    Critical4
    Qualys ID
    983440
    Vendor Reference
    GHSA-4vfj-c2xf-8r48
    CVE Reference
    CVE-2017-16169
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `looppake` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    Example request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    No patch is available for this vulnerability.

    It is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4vfj-c2xf-8r48 for updates pertaining to this vulnerability.
    Patches
    looppake GHSA-4vfj-c2xf-8r48
  • CVE-2018-16493
    In Development

    Nodejs (npm) Security Update for static-resource-server (GHSA-45j8-pm75-5v8x)

    Severity
    Critical4
    Qualys ID
    983434
    Vendor Reference
    GHSA-45j8-pm75-5v8x
    CVE Reference
    CVE-2018-16493
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Versions of `simplehttpserver` prior to 0.2.1 are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths.


    ## Recommendation

    Upgrade to version 0.2.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-45j8-pm75-5v8x for updates pertaining to this vulnerability.
    Patches
    static-resource-server GHSA-45j8-pm75-5v8x
  • CVE-2017-16131
    In Development

    Nodejs (npm) Security Update for unicorn-list (GHSA-3vg2-4qxc-ch4j)

    Severity
    Critical4
    Qualys ID
    983430
    Vendor Reference
    GHSA-3vg2-4qxc-ch4j
    CVE Reference
    CVE-2017-16131
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `unicorn-list` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    Example request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    No patch is available for this vulnerability.

    It is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3vg2-4qxc-ch4j for updates pertaining to this vulnerability.
    Patches
    unicorn-list GHSA-3vg2-4qxc-ch4j
  • CVE-2018-3730
    In Development

    Nodejs (npm) Security Update for mcstatic (GHSA-3r8f-gphx-9m2c)

    Severity
    Critical4
    Qualys ID
    983426
    Vendor Reference
    GHSA-3r8f-gphx-9m2c
    CVE Reference
    CVE-2018-3730
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    All versions of `mcstatic` are vulnerable to path traversal.


    ## Recommendation

    No fix is currently available for this vulnerability. It is our recommendation to not install or use this module at this time.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3r8f-gphx-9m2c for updates pertaining to this vulnerability.
    Patches
    mcstatic GHSA-3r8f-gphx-9m2c
  • CVE-2018-16475
    In Development

    Nodejs (npm) Security Update for knightjs (GHSA-3hvm-hgpw-rx4j)

    Severity
    Critical4
    Qualys ID
    983423
    Vendor Reference
    GHSA-3hvm-hgpw-rx4j
    CVE Reference
    CVE-2018-16475
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    All versions of `knightjs` are vulnerable to Path Traversal.

    This vulnerability allows an attacker to read content of arbitrary files on the server due to lack of input validation.


    ## Recommendation

    As there is currently no fix for this module we recommend not using this module in production environments.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3hvm-hgpw-rx4j for updates pertaining to this vulnerability.
    Patches
    knightjs GHSA-3hvm-hgpw-rx4j
  • CVE-2017-16094
    In Development

    Nodejs (npm) Security Update for iter-http (GHSA-3cgg-gh9j-w8vm)

    Severity
    Critical4
    Qualys ID
    983422
    Vendor Reference
    GHSA-3cgg-gh9j-w8vm
    CVE Reference
    CVE-2017-16094
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `iter-http` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    Example request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    No patch is available for this vulnerability.

    It is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3cgg-gh9j-w8vm for updates pertaining to this vulnerability.
    Patches
    iter-http GHSA-3cgg-gh9j-w8vm
  • CVE-2018-3737
    In Development

    Nodejs (npm) Security Update for sshpk (GHSA-2m39-62fm-q8r3)

    Severity
    Critical4
    Qualys ID
    983409
    Vendor Reference
    GHSA-2m39-62fm-q8r3
    CVE Reference
    CVE-2018-3737
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Versions of `sshpk` before 1.13.2 or 1.14.1 are vulnerable to regular expression denial of service when parsing crafted invalid public keys.


    ## Recommendation

    Update to version 1.13.2, 1.14.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2m39-62fm-q8r3 for updates pertaining to this vulnerability.
    Patches
    sshpk GHSA-2m39-62fm-q8r3
  • CVE-2019-5423
    In Development

    Nodejs (npm) Security Update for http-live-simulator (GHSA-2hhw-p8mg-jrm6)

    Severity
    Critical4
    Qualys ID
    983407
    Vendor Reference
    GHSA-2hhw-p8mg-jrm6
    CVE Reference
    CVE-2019-5423
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Versions of `http-live-simulator` prior to 1.0.6 are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths.


    ## Recommendation

    Upgrade to version 1.0.6 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2hhw-p8mg-jrm6 for updates pertaining to this vulnerability.
    Patches
    http-live-simulator GHSA-2hhw-p8mg-jrm6
  • CVE-2017-16084
    In Development

    Nodejs (npm) Security Update for list-n-stream (GHSA-23vf-5g53-hm9q)

    Severity
    Critical4
    Qualys ID
    983405
    Vendor Reference
    GHSA-23vf-5g53-hm9q
    CVE Reference
    CVE-2017-16084
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `list-n-stream` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    Example request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    Update to version 0.0.11 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-23vf-5g53-hm9q for updates pertaining to this vulnerability.
    Patches
    list-n-stream GHSA-23vf-5g53-hm9q
  • CVE-2017-16178
    In Development

    Nodejs (npm) Security Update for intsol-package (GHSA-23wc-v4mf-x7v4)

    Severity
    Critical4
    Qualys ID
    983404
    Vendor Reference
    GHSA-23wc-v4mf-x7v4
    CVE Reference
    CVE-2017-16178
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    `intsol-package` is a file server.

    `intsol-package` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.

    Example Request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:localhost
    ```
    and the server's response:
    ```
    HTTP/1.1 200 OK
    Date: Thu, 04 May 2017 23:59:18 GMT
    Connection: keep-alive
    Transfer-Encoding: chunked

    {contents of /etc/passwd}
    ```


    ## Recommendation

    No patch is available for this vulnerability.

    It is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-23wc-v4mf-x7v4 for updates pertaining to this vulnerability.
    Patches
    intsol-package GHSA-23wc-v4mf-x7v4
  • CVE-2016-10598
    In Development

    Nodejs (npm) Security Update for arrayfire-js (GHSA-238x-q7xf-p4xw)

    Severity
    Critical4
    Qualys ID
    983403
    Vendor Reference
    GHSA-238x-q7xf-p4xw
    CVE Reference
    CVE-2016-10598
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `arrayfire-js` insecurely download an executable over an unencrypted HTTP connection.

    In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system running `arrayfire-js`.


    ## Recommendation

    No patch is currently available for this vulnerability.

    The best mitigation is currently to avoid using this package, using a different package if available.

    Alternatively, the risk of exploitation can be reduced by ensuring that this package is not installed while connected to a public network. If the package is installed on a private network, the only people who can exploit this vulnerability are those who have compromised your network or those who have privileged access to your ISP, such as Nation State Actors or Rogue ISP Employees.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-238x-q7xf-p4xw for updates pertaining to this vulnerability.
    Patches
    arrayfire-js GHSA-238x-q7xf-p4xw
  • CVE-2019-5484
    In Development

    Nodejs (npm) Security Update for bower (GHSA-p6mr-pxg4-68hx)

    Severity
    Critical4
    Qualys ID
    983395
    Vendor Reference
    GHSA-p6mr-pxg4-68hx
    CVE Reference
    CVE-2019-5484
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Versions of `bower` prior to 1.8.8 are affected by an arbitrary file write vulnerability. The vulnerability occurs because `bower` does not verify that extracted symbolic links do not resolve to targets outside of the extraction root directory.



    ## Recommendation

    Update to version 1.8.8 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-p6mr-pxg4-68hx for updates pertaining to this vulnerability.
    Patches
    bower GHSA-p6mr-pxg4-68hx
  • CVE-2017-16218
    In Development

    Nodejs (npm) Security Update for dgard8.lab6 (GHSA-xqfm-ff6g-24c7)

    Severity
    Critical4
    Qualys ID
    983391
    Vendor Reference
    GHSA-xqfm-ff6g-24c7
    CVE Reference
    CVE-2017-16218
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description
    Affected versions of `dgard8.lab6` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    Example request:
    ```
    GET /../../../../../../../../../../etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    No patch is available for this vulnerability.

    It is recommended that the package is only used for local development, and if the functionality is needed for production, a different package is used instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-xqfm-ff6g-24c7 for updates pertaining to this vulnerability.
    Patches
    dgard8.lab6 GHSA-xqfm-ff6g-24c7
  • CVE-2021-30640+
    Recently Published

    Red Hat Update for red hat jboss web server 5.6.0 (RHSA-2021:4861)

    Severity
    Critical4
    Qualys ID
    239916
    Date Published
    December 1, 2021
    Vendor Reference
    RHSA-2021:4861
    CVE Reference
    CVE-2021-30640, CVE-2021-33037, CVE-2021-42340
    CVSS Scores
    Base 7.5 / Temporal 6.5
    Description

    Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications.
    It comprises the Apache Tomcat servlet container, the JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.

    Security Fix(es):
    • tomcat: OutOfMemoryError caused by HTTP upgrade connection leak could lead to DoS (CVE-2021-42340)
    • tomcat: HTTP request smuggling when used with a reverse proxy (CVE-2021-33037)
    • tomcat: JNDI Realm authentication weakness (CVE-2021-30640)

    Affected Products:

    • JBoss Enterprise Web Server 5 for RHEL 8 x86_64
    • JBoss Enterprise Web Server 5 for RHEL 7 x86_64



    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    On successful exploitation, it could allow an attacker to execute code.
    Solution
    Upgrade to the latest packages which contain a patch.

    Refer to Applying Package Updates to RHEL system for details.

    Refer to Red Hat security advisory RHSA-2021:4861 to address this issue and obtain more information.

    Patches
    Red Hat Enterprise Linux RHSA-2021:4861
  • CVE-2018-7574
    In Development

    Python (pip) Security Update for tensorflow (GHSA-943p-xc6m-c6gr)

    Severity
    Critical4
    Qualys ID
    983468
    Vendor Reference
    GHSA-943p-xc6m-c6gr
    CVE Reference
    CVE-2018-7574
    CVSS Scores
    Base 7.1 / Temporal 6.2
    Description
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-7576, CVE-2018-21233. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should consult CVE-2018-7576 and CVE-2018-21233 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-943p-xc6m-c6gr for updates pertaining to this vulnerability.
    Patches
    tensorflow GHSA-943p-xc6m-c6gr
  • CVE-2018-3714
    In Development

    Nodejs (npm) Security Update for node-srv (GHSA-52r9-g5g6-2hjp)

    Severity
    Critical4
    Qualys ID
    983445
    Vendor Reference
    GHSA-52r9-g5g6-2hjp
    CVE Reference
    CVE-2018-3714
    CVSS Scores
    Base 6.5 / Temporal 5.7
    Description
    Versions of `node-srv` before 2.1.1 are vulnerable to path traversal allowing a remote attacker to read files from the server that uses `node-srv`.


    ## Recommendation

    Update to version 2.1.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-52r9-g5g6-2hjp for updates pertaining to this vulnerability.
    Patches
    node-srv GHSA-52r9-g5g6-2hjp
  • CVE-2017-0930
    In Development

    Nodejs (npm) Security Update for augustine (GHSA-4wch-fwmx-cf47)

    Severity
    Critical4
    Qualys ID
    983442
    Vendor Reference
    GHSA-4wch-fwmx-cf47
    CVE Reference
    CVE-2017-0930
    CVSS Scores
    Base 6.5 / Temporal 5.7
    Description
    Affected versions of `augustine` resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system.

    ## Proof of Concept
    ```
    GET //etc/passwd HTTP/1.1
    host:foo
    ```


    ## Recommendation

    No direct patch is available at this time.

    Currently, the best mitigation for this flaw is to use a different, functionally equivalent static file server package.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4wch-fwmx-cf47 for updates pertaining to this vulnerability.
    Patches
    augustine GHSA-4wch-fwmx-cf47
  • CVE-2017-16021
    In Development

    Nodejs (npm) Security Update for uri-js (GHSA-333w-rxj3-f55r)

    Severity
    Critical4
    Qualys ID
    983414
    Vendor Reference
    GHSA-333w-rxj3-f55r
    CVE Reference
    CVE-2017-16021
    CVSS Scores
    Base 6.5 / Temporal 5.7
    Description
    Affected versions of `uri-js` are susceptible to a regular expression denial of service vulnerability when user input is sent to the `.parse()` method.



    ## Recommendation

    Update to v3.0.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-333w-rxj3-f55r for updates pertaining to this vulnerability.
    Patches
    uri-js GHSA-333w-rxj3-f55r
  • CVE-2014-7191
    In Development

    Nodejs (npm) Security Update for qs (GHSA-crvj-3gj9-gm2p)

    Severity
    Critical4
    Qualys ID
    983489
    Vendor Reference
    GHSA-crvj-3gj9-gm2p
    CVE Reference
    CVE-2014-7191
    CVSS Scores
    Base 6.2 / Temporal 5.4
    Description
    Withdrawn, accidental duplicate publish.

    The qs module before 1.0.0 in Node.js does not call the compact function for array data, which allows remote attackers to cause a denial of service (memory consumption) by using a large index value to create a sparse array.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-crvj-3gj9-gm2p for updates pertaining to this vulnerability.
    Patches
    qs GHSA-crvj-3gj9-gm2p
  • In Development

    Nodejs (npm) Security Update for http-proxy-agent (GHSA-8w57-jfpm-945m)

    Severity
    Critical4
    Qualys ID
    983306
    Vendor Reference
    GHSA-8w57-jfpm-945m
    CVSS Scores
    Base 6.2 / Temporal 5.4
    Description
    Versions of `http-proxy-agent` before 2.1.0 are vulnerable to denial of service and uninitialized memory leak when unsanitized options are passed to `Buffer`.


    ## Recommendation

    Update to version 2.1.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8w57-jfpm-945m for updates pertaining to this vulnerability.
    Patches
    http-proxy-agent GHSA-8w57-jfpm-945m
  • CVE-2016-7103
    In Development

    Nodejs (npm) Security Update for jquery-ui (GHSA-g8q2-24jh-5hpc)

    Severity
    Critical4
    Qualys ID
    983495
    Vendor Reference
    GHSA-g8q2-24jh-5hpc
    CVE Reference
    CVE-2016-7103
    CVSS Scores
    Base 6.1 / Temporal 5.3
    Description
    Withdrawn, accidental duplicate publish.

    Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-g8q2-24jh-5hpc for updates pertaining to this vulnerability.
    Patches
    jquery-ui GHSA-g8q2-24jh-5hpc
  • CVE-2019-15602
    In Development

    Nodejs (npm) Security Update for fileview (GHSA-gvr4-7xgc-gx3w)

    Severity
    Critical4
    Qualys ID
    983398
    Vendor Reference
    GHSA-gvr4-7xgc-gx3w
    CVE Reference
    CVE-2019-15602
    CVSS Scores
    Base 6.1 / Temporal 5.3
    Description
    All versions of `fileview` are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim's browser through files with names containing malicious code.


    ## Recommendation

    No fix is currently available. Consider using an alternative package until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-gvr4-7xgc-gx3w for updates pertaining to this vulnerability.
    Patches
    fileview GHSA-gvr4-7xgc-gx3w
  • CVE-2019-15603
    In Development

    Nodejs (npm) Security Update for seeftl (GHSA-4g46-5grc-wq49)

    Severity
    Critical4
    Qualys ID
    983397
    Vendor Reference
    GHSA-4g46-5grc-wq49
    CVE Reference
    CVE-2019-15603
    CVSS Scores
    Base 6.1 / Temporal 5.3
    Description
    All versions of `seeftl` are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize filenames, allowing attackers to execute arbitrary JavaScript in the victim's browser through files with names containing malicious code.


    ## Recommendation

    No fix is currently available. Consider using an alternative package until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4g46-5grc-wq49 for updates pertaining to this vulnerability.
    Patches
    seeftl GHSA-4g46-5grc-wq49
  • CVE-2018-1002204
    In Development

    Nodejs (npm) Security Update for adm-zip (GHSA-3v6h-hqm4-2rg6)

    Severity
    Critical4
    Qualys ID
    983429
    Vendor Reference
    GHSA-3v6h-hqm4-2rg6
    CVE Reference
    CVE-2018-1002204
    CVSS Scores
    Base 5.5 / Temporal 4.8
    Description
    Versions of `adm-zip` before 0.4.9 are vulnerable to arbitrary file write when used to extract a specifically crafted archive that contains path traversal filenames (`../../file.txt` for example).


    ## Recommendation

    Update to version 0.4.9 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3v6h-hqm4-2rg6 for updates pertaining to this vulnerability.
    Patches
    adm-zip GHSA-3v6h-hqm4-2rg6
  • CVE-2018-1199
    In Development

    Java (maven) Security Update for org.springframework.security:spring-security-core (GHSA-v596-fwhq-8x48)

    Severity
    Critical4
    Qualys ID
    983486
    Vendor Reference
    GHSA-v596-fwhq-8x48
    CVE Reference
    CVE-2018-1199
    CVSS Scores
    Base 5.3 / Temporal 4.6
    Description
    Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-v596-fwhq-8x48 for updates pertaining to this vulnerability.
    Patches
    org.springframework.security:spring-security-core GHSA-v596-fwhq-8x48, org.springframework.security:spring-security-core GHSA-v596-fwhq-8x48, org.springframework:spring-core GHSA-v596-fwhq-8x48
  • CVE-2015-9238
    In Development

    Nodejs (npm) Security Update for secure-compare (GHSA-h9x2-5rm7-x4gm)

    Severity
    Critical4
    Qualys ID
    983392
    Vendor Reference
    GHSA-h9x2-5rm7-x4gm
    CVE Reference
    CVE-2015-9238
    CVSS Scores
    Base 5.3 / Temporal 4.6
    Description
    Versions of `secure-compare` prior to 3.0.1 are affected by a vulnerability that results in the package always returning true when comparing two strings of the same length, despite differences in the contents of those strings.


    ## Recommendation

    Upgrade to version 3.0.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-h9x2-5rm7-x4gm for updates pertaining to this vulnerability.
    Patches
    secure-compare GHSA-h9x2-5rm7-x4gm
  • CVE-2011-4103
    In Development

    Python (pip) Security Update for django-piston (GHSA-pvhp-v9qp-xf5r)

    Severity
    Critical4
    Qualys ID
    983497
    Vendor Reference
    GHSA-pvhp-v9qp-xf5r
    CVE Reference
    CVE-2011-4103
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    emitters.py in Django Piston before 0.2.3 and 0.2.x before 0.2.2.1 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method.

    Django Tastypie has a very similar vulnerability.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-pvhp-v9qp-xf5r for updates pertaining to this vulnerability.
    Patches
    django-piston GHSA-pvhp-v9qp-xf5r, django-tastypie GHSA-pvhp-v9qp-xf5r
  • CVE-2013-7323
    In Development

    Python (pip) Security Update for python-gnupg (GHSA-c2fx-8r76-gh36)

    Severity
    Critical4
    Qualys ID
    983483
    Vendor Reference
    GHSA-c2fx-8r76-gh36
    CVE Reference
    CVE-2013-7323
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-c2fx-8r76-gh36 for updates pertaining to this vulnerability.
    Patches
    python-gnupg GHSA-c2fx-8r76-gh36
  • In Development

    Nodejs (npm) Security Update for discord-markdown (GHSA-9r27-994c-4xch)

    Severity
    Critical4
    Qualys ID
    983472
    Vendor Reference
    GHSA-9r27-994c-4xch
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Security update has been released for discord-markdown to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    Any website using discord-markdown with user-generated markdown is vulnerable to having code injected into the page where the markdown is displayed.
    Solution
    This has been patched in version 2.3.1.

    Workaround:
    Escape the characters `<>&` before sending plain code blocks to discord-markdown.
    Patches
    discord-markdown GHSA-9r27-994c-4xch
  • In Development

    Nodejs (npm) Security Update for vp-toolkit (GHSA-ff5x-w9wg-h275)

    Severity
    Critical4
    Qualys ID
    983471
    Vendor Reference
    GHSA-ff5x-w9wg-h275
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Security update has been released for vp-toolkit to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    The [`verifyVerifiablePresentation()`](https://github.com/rabobank-blockchain/vp-toolkit/blob/master/src/service/signers/verifiable-presentation-signer.ts#L97) method checks the cryptographic integrity of the Verifiable Presentation, but it does not check if the [`credentialSubject.id`](https://github.com/rabobank-blockchain/vp-toolkit-models/blob/develop/src/model/verifiable-credential.ts#L150) DID matches the signer of the VP proof.

    The **verifier** is impacted by this vulnerability.
    Solution
    Patch will be available in version 0.2.2.

    Workaround:
    - Compute the address out of the `verifiablePresentation.proof.n.verificationMethod` using `getAddressFromPubKey()` from `crypt-util@0.1.5` and match it with the `credentialSubject.id` address from the credential.
    Patches
    vp-toolkit GHSA-ff5x-w9wg-h275
  • In Development

    Nodejs (npm) Security Update for vp-toolkit (GHSA-p94w-42g3-f7h4)

    Severity
    Critical4
    Qualys ID
    983470
    Vendor Reference
    GHSA-p94w-42g3-f7h4
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Security update has been released for vp-toolkit to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    The [`verifyVerifiableCredential()`](https://github.com/rabobank-blockchain/vp-toolkit/blob/master/src/service/signers/verifiable-credential-signer.ts#L57) method checks the cryptographic integrity of the Verifiable Credential, but it does not check if the [`credential.issuer`](https://github.com/rabobank-blockchain/vp-toolkit-models/blob/develop/src/model/verifiable-credential.ts#L129) DID matches the signer of the credential.

    The **verifier** is impacted by this vulnerability.
    Solution
    Patch will be available in version 0.2.2.

    Workaround:
    In case you trust certain issuers for certain credentials as a verifier, trust the issuer's public key from the `credential.proof.verificationMethod` field.
    Patches
    vp-toolkit GHSA-p94w-42g3-f7h4
  • CVE-2014-0114
    In Development

    Java (maven) Security Update for commons-beanutils:commons-beanutils (GHSA-p66x-2cv9-qq3v)

    Severity
    Critical4
    Qualys ID
    983467
    Vendor Reference
    GHSA-p66x-2cv9-qq3v
    CVE Reference
    CVE-2014-0114
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-p66x-2cv9-qq3v for updates pertaining to this vulnerability.
    Patches
    commons-beanutils:commons-beanutils GHSA-p66x-2cv9-qq3v
  • CVE-2015-6420
    In Development

    Java (maven) Security Update for commons-collections:commons-collections (GHSA-6hgm-866r-3cjv)

    Severity
    Critical4
    Qualys ID
    983466
    Vendor Reference
    GHSA-6hgm-866r-3cjv
    CVE Reference
    CVE-2015-6420
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Serialized-object interfaces in Java applications using the Apache Commons Collections (ACC) library may allow remote attackers to execute arbitrary commands via a crafted serialized Java object.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-6hgm-866r-3cjv for updates pertaining to this vulnerability.
    Patches
    commons-collections:commons-collections GHSA-6hgm-866r-3cjv, org.apache.commons:commons-collections4 GHSA-6hgm-866r-3cjv
  • In Development

    Dotnet (nuget) Security Update for PeterO.Cbor (GHSA-cxw4-9qv9-vx5h)

    Severity
    Critical4
    Qualys ID
    983458
    Vendor Reference
    GHSA-cxw4-9qv9-vx5h
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Security update has been released for PeterO.Cbor to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    The CBOR library supports optional tags that enable CBOR objects to contain references to objects within them. Versions earlier than 4.0 resolved those references automatically. While this by itself doesn't cause much of a security problem, a denial of service can happen if those references are deeply nested and used multiple times (so that the same reference to the same object occurs multiple times), and if the decoded CBOR object is sent to a serialization method such as `EncodeToBytes`, `ToString`, or `ToJSONString`, since the objects referred to are expanded in the process and take up orders of magnitude more memory than if the references weren't resolved.

    The impact of this problem on any particular system varies. In general, the risk is higher if the system allows users to send arbitrary CBOR objects without authentication, or exposes a remote endpoint in which arbitrary CBOR objects can be sent without authentication.
    Solution
    This problem is addressed in version 4.0 by disabling reference resolution by default. Users should use the latest version of this library, which is 4.0 at the time of this writing.

    Workaround:
    Since version 3.6, an encoding option (`resolvereferences=true` or `resolvereferences=false`) in CBOREncodeOptions sets whether the CBOR processor will resolve these kinds of references when decoding a CBOR object. Set `resolvereferences=false` to disable reference resolution.

    In version 3.6, if the method used `CBORObject.Read()` or `CBORObject.DecodeFromBytes()` to decode a serialized CBOR object, call the overload that takes `CBOREncodeOptions` as follows:

    ```
    CBORObject.DecodeFromBytes(bytes, new CBOREncodeOptions("resolvereferences=false"));
    ```

    In versions 3.5 and earlier, this issue is present only if the CBOR object is an array or a map. If the application does not expect a decoded CBOR object to be an array or a map, it should check the CBOR object's type before encoding that object, as follows:

    ```
    if (cbor.Type != CBORType.Array && cbor.Type != CBORType.Map) {
        cbor.EncodeToBytes();
    }
    ```

    Alternatively, for such versions, the application can use `WriteTo` to decode the CBOR object to a so-called "limited memory stream", that is, a `Stream` that throws an exception if too many bytes would be written. How to write such a limited-memory stream is nontrivial and beyond the scope of this advisory.

    ```
    using (var stream = new LimitedMemoryStream(100000)) { // Limit to 100000 bytes
        cbor.WriteTo(stream);
        return stream.ToBytes();
    }
    ```

    To check whether a byte array representing a CBOR object might exhibit this problem, check whether the array contains the byte 0xd8 followed immediately by either 0x19 or 0x1d. This check catches all affected CBOR objects but may catch some non-affected CBOR objects (notably integers and byte strings).
    Patches
    PeterO.Cbor GHSA-cxw4-9qv9-vx5h
  • In Development

    Nodejs (npm) Security Update for static-eval (GHSA-x9hc-rw35-f44h)

    Severity
    Critical4
    Qualys ID
    983383
    Vendor Reference
    GHSA-x9hc-rw35-f44h
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Versions of `static-eval` prior to 2.0.2 pass untrusted user input directly to the global function constructor, resulting in an arbitrary code execution vulnerability when user input is parsed via the package.

    ## Proof of concept
    ```
    var evaluate = require('static-eval');
    var parse = require('esprima').parse;

    var src = process.argv[2];
    var payload = '(function({x}){return x.constructor})({x:"".sub})("console.log(process.env)")()';
    var ast = parse(payload).body[0].expression;
    console.log(evaluate(ast, {x:1}));
    ```


    ## Recommendation

    Upgrade to version 2.0.2 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-x9hc-rw35-f44h for updates pertaining to this vulnerability.
    Patches
    static-eval GHSA-x9hc-rw35-f44h
  • In Development

    Nodejs (npm) Security Update for node-red (GHSA-5g6j-8hv4-vfgj)

    Severity
    Critical4
    Qualys ID
    983380
    Vendor Reference
    GHSA-5g6j-8hv4-vfgj
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Versions of `node-red` prior to 0.18.6 are vulnerable to Cross-Site Scripting (XSS). The package fails to sanitize the `name` field in new items, allowing attackers to execute arbitrary JavaScript in the victim's browser.


    ## Recommendation

    Upgrade to version 0.18.6 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5g6j-8hv4-vfgj for updates pertaining to this vulnerability.
    Patches
    node-red GHSA-5g6j-8hv4-vfgj
  • In Development

    Nodejs (npm) Security Update for serve (GHSA-wm7q-rxch-43mx)

    Severity
    Critical4
    Qualys ID
    983299
    Vendor Reference
    GHSA-wm7q-rxch-43mx
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Versions of `serve` before 6.5.2 are vulnerable to the bypass of the ignore functionality. The bypass is possible because validation happens before canonicalization of paths and filenames.



    Example:
    Here we have a server that ignores the file test.txt.
    ```
    const serve = require('serve')
    const server = serve(__dirname, {
      port: 1337,
      ignore: ['test.txt']
    })
    ```

    Using the URL-encoded form of a letter (%65 instead of e), an attacker can bypass the ignore control and access the file.

    `curl http://localhost:1337/t%65st.txt`

    Additionally, this technique can be used to get directory listings of ignored directories.


    ## Recommendation

    Update to version 6.5.2 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wm7q-rxch-43mx for updates pertaining to this vulnerability.
    Patches
    serve GHSA-wm7q-rxch-43mx
  • In Development

    Nodejs (npm) Security Update for rails-session-decoder (GHSA-44vf-8ffm-v2qh)

    Severity
    Critical4
    Qualys ID
    983297
    Vendor Reference
    GHSA-44vf-8ffm-v2qh
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    All versions of `rails-session-decoder` are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of ciphertext, thus exposing encrypted information.


    ## Recommendation

    No fix is currently available. Consider using an alternative module until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-44vf-8ffm-v2qh for updates pertaining to this vulnerability.
    Patches
    rails-session-decoder GHSA-44vf-8ffm-v2qh
  • In Development

    Nodejs (npm) Security Update for serialize-to-js (GHSA-w5q7-3pr9-x44w)

    Severity
    Critical4
    Qualys ID
    983295
    Vendor Reference
    GHSA-w5q7-3pr9-x44w
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Versions of `serialize-to-js` prior to 2.0.0 are vulnerable to Denial of Service. User input is not properly validated, allowing attackers to provide inputs that lead the execution to loop indefinitely.


    ## Recommendation

    Upgrade to version 2.0.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-w5q7-3pr9-x44w for updates pertaining to this vulnerability.
    Patches
    serialize-to-js GHSA-w5q7-3pr9-x44w
  • In Development

    Nodejs (npm) Security Update for graphql-code-generator (GHSA-9w87-4j72-gcv7)

    Severity
    Critical4
    Qualys ID
    983294
    Vendor Reference
    GHSA-9w87-4j72-gcv7
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Versions of `graphql-code-generator` prior to 0.18.2 have an Insecure Default Configuration. The package sets `NODE_TLS_REJECT_UNAUTHORIZED` to 0, disabling certificate verification for the entire project. This results in Insecure Communication for the process.


    ## Recommendation

    Upgrade to version 0.18.2 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-9w87-4j72-gcv7 for updates pertaining to this vulnerability.
    Patches
    graphql-code-generator GHSA-9w87-4j72-gcv7
  • CVE-2020-25722+
    Recently Published

    Fedora Security Update for freeipa (FEDORA-2021-1d77047c61)

    Severity
    Critical4
    Qualys ID
    282091
    Date Published
    December 1, 2021
    Vendor Reference
    FEDORA-2021-1d77047c61
    CVE Reference
    CVE-2020-25722, CVE-2020-25717, CVE-2020-25719, CVE-2021-3738, CVE-2020-25718, CVE-2020-25721, CVE-2016-2124, CVE-2021-23192
    CVSS Scores
    Base 4.2 / Temporal 3.7
    Description
    Fedora has released a security update for freeipa to fix the vulnerability.

    Affected OS:
    Fedora 34



    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

    Consequence
    Malicious users could use this vulnerability to change partial contents or configuration on the system. Additionally, this vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability.
    Solution
    Fedora has issued updated packages to fix this vulnerability.

    For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
    Fedora 34 Update

    Patches
    Fedora 34 FEDORA-2021-1d77047c61
  • CVE-2021-33509
    In Development

    Python (pip) Security Update for Plone (GHSA-hm2p-fhwx-9285)

    Severity
    Urgent5
    Qualys ID
    982270
    Vendor Reference
    GHSA-hm2p-fhwx-9285
    CVE Reference
    CVE-2021-33509
    CVSS Scores
    Base 9.9 / Temporal 8.6
    Description
    Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-hm2p-fhwx-9285 for updates pertaining to this vulnerability.
    Patches
    Plone GHSA-hm2p-fhwx-9285
  • CVE-2019-10759
    In Development

    Nodejs (npm) Security Update for safer-eval (GHSA-r3x4-wr4h-pw33)

    Severity
    Urgent5
    Qualys ID
    981962
    Vendor Reference
    GHSA-r3x4-wr4h-pw33
    CVE Reference
    CVE-2019-10759
    CVSS Scores
    Base 9.9 / Temporal 8.6
    Description
    Versions of `safer-eval` prior to 1.3.4 are vulnerable to Sandbox Escape leading to Remote Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. For example, evaluating the string `console.constructor.constructor('return process')().env` prints `process.env` to the console.


    ## Recommendation

    Upgrade to version 1.3.4 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-r3x4-wr4h-pw33 for updates pertaining to this vulnerability.
    Patches
    safer-eval GHSA-r3x4-wr4h-pw33
  • CVE-2019-10760
    In Development

    Nodejs (npm) Security Update for safer-eval (GHSA-hgch-jjmr-gp7w)

    Severity
    Urgent5
    Qualys ID
    981961
    Vendor Reference
    GHSA-hgch-jjmr-gp7w
    CVE Reference
    CVE-2019-10760
    CVSS Scores
    Base 9.9 / Temporal 8.6
    Description
    Versions of `safer-eval` before 1.3.2 are vulnerable to Sandbox Escape leading to Remote Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.


    ## Recommendation

    Upgrade to version 1.3.2.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-hgch-jjmr-gp7w for updates pertaining to this vulnerability.
    Patches
    safer-eval GHSA-hgch-jjmr-gp7w
  • CVE-2020-25074
    In Development

    Python (pip) Security Update for moin (GHSA-52q8-877j-gghq)

    Severity
    Urgent5
    Qualys ID
    983255
    Vendor Reference
    GHSA-52q8-877j-gghq
    CVE Reference
    CVE-2020-25074
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Security update has been released for moin to fix the vulnerability.

    Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
    Consequence
    The cache action in action/cache.py allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.
    Solution
    Users are strongly advised to upgrade to a patched version.

    MoinMoin Wiki 1.9.11 has the necessary fixes and also contains other important fixes.

    Workaround:
    It is not advised to work around this, but to upgrade MoinMoin to a patched version.

    That said, a work around via disabling the `cache` or the `AttachFile` action might be possible.

    Also, it is of course helpful if you give `write` permissions (which include uploading attachments) only to trusted users.
    Patches
    moin GHSA-52q8-877j-gghq
  • CVE-2020-7781
    In Development

    Nodejs (npm) Security Update for connection-tester (GHSA-w5mp-8p8w-mhh8)

    Severity
    Urgent5
    Qualys ID
    983229
    Vendor Reference
    GHSA-w5mp-8p8w-mhh8
    CVE Reference
    CVE-2020-7781
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js. Affected versions of this package are vulnerable to Command Injection.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-w5mp-8p8w-mhh8 for updates pertaining to this vulnerability.
    Patches
    connection-tester GHSA-w5mp-8p8w-mhh8
  • CVE-2017-0907
    In Development

    Dotnet (nuget) Security Update for recurly-api-client (GHSA-xpwp-rq3x-x6v7)

    Severity
    Urgent5
    Qualys ID
    983179
    Vendor Reference
    GHSA-xpwp-rq3x-x6v7
    CVE Reference
    CVE-2017-0907
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1 is vulnerable to a Server-Side Request Forgery vulnerability due to incorrect use of "Uri.EscapeUriString" that could result in compromise of API keys or other critical resources.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-xpwp-rq3x-x6v7 for updates pertaining to this vulnerability.
    Patches
    recurly-api-client GHSA-xpwp-rq3x-x6v7
  • CVE-2017-1001003
    In Development

    Nodejs (npm) Security Update for mathjs (GHSA-pv8x-p9hq-j328)

    Severity
    Urgent5
    Qualys ID
    983166
    Vendor Reference
    GHSA-pv8x-p9hq-j328
    CVE Reference
    CVE-2017-1001003
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.


    ## Recommendation

    Upgrade to version 3.17.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-pv8x-p9hq-j328 for updates pertaining to this vulnerability.
    Patches
    mathjs GHSA-pv8x-p9hq-j328
  • CVE-2017-16100
    In Development

    Nodejs (npm) Security Update for dns-sync (GHSA-jcw8-r9xm-32c6)

    Severity
    Urgent5
    Qualys ID
    983162
    Vendor Reference
    GHSA-jcw8-r9xm-32c6
    CVE Reference
    CVE-2017-16100
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Affected versions of `dns-sync` have an arbitrary command execution vulnerability in the `resolve()` method.



    ## Recommendation

    - Use an alternative dns resolver
    - Do not allow untrusted input into `dns-sync.resolve()`
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-jcw8-r9xm-32c6 for updates pertaining to this vulnerability.
    Patches
    dns-sync GHSA-jcw8-r9xm-32c6
  • CVE-2020-7784
    In Development

    Nodejs (npm) Security Update for ts-process-promises (GHSA-ww4j-c2rq-47q8)

    Severity
    Urgent5
    Qualys ID
    982985
    Vendor Reference
    GHSA-ww4j-c2rq-47q8
    CVE Reference
    CVE-2020-7784
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions of package ts-process-promises. The injection point is located in line 45 in main entry of package in lib/process-promises.js.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-ww4j-c2rq-47q8 for updates pertaining to this vulnerability.
    Patches
    ts-process-promises GHSA-ww4j-c2rq-47q8
  • CVE-2020-7794
    In Development

    Nodejs (npm) Security Update for buns (GHSA-487w-pqcm-63hq)

    Severity
    Urgent5
    Qualys ID
    982975
    Vendor Reference
    GHSA-487w-pqcm-63hq
    CVE Reference
    CVE-2020-7794
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    There is a command injection vulnerability in all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-487w-pqcm-63hq for updates pertaining to this vulnerability.
    Patches
    buns GHSA-487w-pqcm-63hq
  • In Development

    Nodejs (npm) Security Update for nobelprizeparser (GHSA-4wv4-mgfq-598v)

    Severity
    Urgent5
    Qualys ID
    982919
    Vendor Reference
    GHSA-4wv4-mgfq-598v
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Code injection through use of eval.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4wv4-mgfq-598v for updates pertaining to this vulnerability.
    Patches
    nobelprizeparser GHSA-4wv4-mgfq-598v
  • CVE-2020-28273
    In Development

    Nodejs (npm) Security Update for set-in (GHSA-qr4p-c9wr-phr6)

    Severity
    Urgent5
    Qualys ID
    982903
    Vendor Reference
    GHSA-qr4p-c9wr-phr6
    CVE Reference
    CVE-2020-28273
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-qr4p-c9wr-phr6 for updates pertaining to this vulnerability.
    Patches
    set-in GHSA-qr4p-c9wr-phr6
  • CVE-2021-25914
    In Development

    Nodejs (npm) Security Update for object-collider (GHSA-85g2-29m8-qf2p)

    Severity
    Urgent5
    Qualys ID
    982902
    Vendor Reference
    GHSA-85g2-29m8-qf2p
    CVE Reference
    CVE-2021-25914
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows an attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-85g2-29m8-qf2p for updates pertaining to this vulnerability.
    Patches
    object-collider GHSA-85g2-29m8-qf2p
  • CVE-2021-23344
    In Development

    Nodejs (npm) Security Update for total.js (GHSA-3wj8-vp9h-rm6m)

    Severity
    Urgent5
    Qualys ID
    982898
    Vendor Reference
    GHSA-3wj8-vp9h-rm6m
    CVE Reference
    CVE-2021-23344
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The package total.js before 3.4.8 is vulnerable to Remote Code Execution (RCE) via set.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3wj8-vp9h-rm6m for updates pertaining to this vulnerability.
    Patches
    total.js GHSA-3wj8-vp9h-rm6m
  • CVE-2020-28431
    In Development

    Nodejs (npm) Security Update for wc-cmd (GHSA-mx3r-w3pj-7wv7)

    Severity
    Urgent5
    Qualys ID
    982890
    Vendor Reference
    GHSA-mx3r-w3pj-7wv7
    CVE Reference
    CVE-2020-28431
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mx3r-w3pj-7wv7 for updates pertaining to this vulnerability.
    Patches
    wc-cmd GHSA-mx3r-w3pj-7wv7
  • CVE-2021-23355
    In Development

    Nodejs (npm) Security Update for ps-kill (GHSA-7qmm-q394-fmch)

    Severity
    Urgent5
    Qualys ID
    982887
    Vendor Reference
    GHSA-7qmm-q394-fmch
    CVE Reference
    CVE-2021-23355
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions of package ps-kill. If (attacker-controlled) user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization in the index.js file. PoC (provided by reporter):

    ```
    var ps_kill = require('ps-kill');
    ps_kill.kill('$(touch success)',function(){});
    ```
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-7qmm-q394-fmch for updates pertaining to this vulnerability.
    Patches
    ps-kill GHSA-7qmm-q394-fmch
  • CVE-2020-8298
    In Development

    Nodejs (npm) Security Update for fs-path (GHSA-8mrf-64fw-2x75)

    Severity
    Urgent5
    Qualys ID
    982883
    Vendor Reference
    GHSA-8mrf-64fw-2x75
    CVE Reference
    CVE-2020-8298
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8mrf-64fw-2x75 for updates pertaining to this vulnerability.
    Patches
    fs-path GHSA-8mrf-64fw-2x75
  • CVE-2019-15151
    In Development

    Dotnet (nuget) Security Update for adplug (GHSA-874w-m2v2-mj64)

    Severity
    Urgent5
    Qualys ID
    982874
    Vendor Reference
    GHSA-874w-m2v2-mj64
    CVE Reference
    CVE-2019-15151
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-874w-m2v2-mj64 for updates pertaining to this vulnerability.
    Patches
    adplug GHSA-874w-m2v2-mj64
  • CVE-2020-26759
    In Development

    Python (pip) Security Update for clickhouse-driver (GHSA-vgv5-cxvh-vfxh)

    Severity
    Urgent5
    Qualys ID
    982816
    Vendor Reference
    GHSA-vgv5-cxvh-vfxh
    CVE Reference
    CVE-2020-26759
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, due to a buffer overflow.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vgv5-cxvh-vfxh for updates pertaining to this vulnerability.
    Patches
    clickhouse-driver GHSA-vgv5-cxvh-vfxh
  • CVE-2021-25913
    In Development

    Nodejs (npm) Security Update for set-or-get (GHSA-6rv4-4qv6-88g2)

    Severity
    Urgent5
    Qualys ID
    982806
    Vendor Reference
    GHSA-6rv4-4qv6-88g2
    CVE Reference
    CVE-2021-25913
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in set-or-get version 1.0.0 through 1.2.10 allows an attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-6rv4-4qv6-88g2 for updates pertaining to this vulnerability.
    Patches
    set-or-get GHSA-6rv4-4qv6-88g2
  • CVE-2020-7786
    In Development

    Nodejs (npm) Security Update for macfromip (GHSA-vh8f-xw5v-8993)

    Severity
    Urgent5
    Qualys ID
    982805
    Vendor Reference
    GHSA-vh8f-xw5v-8993
    CVE Reference
    CVE-2020-7786
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of npm package macfromip are affected by a command injection vulnerability. The injection point is located in line 66 in macfromip.js.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vh8f-xw5v-8993 for updates pertaining to this vulnerability.
    Patches
    macfromip GHSA-vh8f-xw5v-8993
  • CVE-2013-7378
    In Development

    Nodejs (npm) Security Update for hubot-scripts (GHSA-hwch-749c-rv63)

    Severity
    Urgent5
    Qualys ID
    982800
    Vendor Reference
    GHSA-hwch-749c-rv63
    CVE Reference
    CVE-2013-7378
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Versions 2.4.3 and earlier of hubot-scripts are vulnerable to a command injection vulnerability in the `hubot-scripts/package/src/scripts/email.coffee` module.


    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-hwch-749c-rv63 for updates pertaining to this vulnerability.
    Patches
    hubot-scripts GHSA-hwch-749c-rv63
  • CVE-2021-26541
    In Development

    Nodejs (npm) Security Update for gitlog (GHSA-67mm-m3wx-j7fr)

    Severity
    Urgent5
    Qualys ID
    982796
    Vendor Reference
    GHSA-67mm-m3wx-j7fr
    CVE Reference
    CVE-2021-26541
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The gitlog function in src/index.ts in gitlog before 4.0.4 has a command injection vulnerability.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-67mm-m3wx-j7fr for updates pertaining to this vulnerability.
    Patches
    gitlog GHSA-67mm-m3wx-j7fr
  • CVE-2021-26275
    In Development

    Nodejs (npm) Security Update for eslint-fixer (GHSA-45w5-pvr8-4rh5)

    Severity
    Urgent5
    Qualys ID
    982787
    Vendor Reference
    GHSA-45w5-pvr8-4rh5
    CVE Reference
    CVE-2021-26275
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repository has been intentionally deleted.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-45w5-pvr8-4rh5 for updates pertaining to this vulnerability.
    Patches
    eslint-fixer GHSA-45w5-pvr8-4rh5
  • CVE-2021-23330
    In Development

    Nodejs (npm) Security Update for launchpad (GHSA-7h8x-wmq2-7mff)

    Severity
    Urgent5
    Qualys ID
    982783
    Vendor Reference
    GHSA-7h8x-wmq2-7mff
    CVE Reference
    CVE-2021-23330
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of package launchpad are vulnerable to Command Injection via stop.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-7h8x-wmq2-7mff for updates pertaining to this vulnerability.
    Patches
    launchpad GHSA-7h8x-wmq2-7mff
  • CVE-2020-28448
    In Development

    Nodejs (npm) Security Update for multi-ini (GHSA-g78f-549w-c354)

    Severity
    Urgent5
    Qualys ID
    982771
    Vendor Reference
    GHSA-g78f-549w-c354
    CVE Reference
    CVE-2020-28448
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects the package multi-ini before 2.1.1. It is possible to pollute an object's prototype by specifying the proto object as part of an array.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-g78f-549w-c354 for updates pertaining to this vulnerability.
    Patches
    multi-ini GHSA-g78f-549w-c354
  • CVE-2020-28281
    In Development

    Nodejs (npm) Security Update for set-object-value (GHSA-4jj4-m52p-8rx3)

    Severity
    Urgent5
    Qualys ID
    982770
    Vendor Reference
    GHSA-4jj4-m52p-8rx3
    CVE Reference
    CVE-2020-28281
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4jj4-m52p-8rx3 for updates pertaining to this vulnerability.
    Patches
    set-object-value GHSA-4jj4-m52p-8rx3
  • CVE-2020-7771
    In Development

    Nodejs (npm) Security Update for asciitable.js (GHSA-5pxj-mhwj-x5gv)

    Severity
    Urgent5
    Qualys ID
    982767
    Vendor Reference
    GHSA-5pxj-mhwj-x5gv
    CVE Reference
    CVE-2020-7771
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The package asciitable.js before 1.0.3 is vulnerable to Prototype Pollution via the main function.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5pxj-mhwj-x5gv for updates pertaining to this vulnerability.
    Patches
    asciitable.js GHSA-5pxj-mhwj-x5gv
  • CVE-2021-26701
    In Development

    Dotnet (nuget) Security Update for System.Text.Encodings.Web (GHSA-ghhp-997w-qr28)

    Severity
    Urgent5
    Qualys ID
    982727
    Vendor Reference
    GHSA-ghhp-997w-qr28
    CVE Reference
    CVE-2021-26701
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    .NET Core Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24112.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-ghhp-997w-qr28 for updates pertaining to this vulnerability.
    Patches
    System.Text.Encodings.Web GHSA-ghhp-997w-qr28
  • CVE-2020-29128
    In Development

    Python (pip) Security Update for petl (GHSA-69q2-p9xp-739v)

    Severity
    Urgent5
    Qualys ID
    982725
    Vendor Reference
    GHSA-69q2-p9xp-739v
    CVE Reference
    CVE-2020-29128
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    petl before 1.68, in some configurations, allows resolution of entities in an XML document.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-69q2-p9xp-739v for updates pertaining to this vulnerability.
    Patches
    petl GHSA-69q2-p9xp-739v
  • CVE-2019-3888
    In Development

    Java (maven) Security Update for io.undertow:undertow-core (GHSA-jwgx-9mmh-684w)

    Severity
    Urgent5
    Qualys ID
    982713
    Vendor Reference
    GHSA-jwgx-9mmh-684w
    CVE Reference
    CVE-2019-3888
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    A vulnerability was found in the Undertow web server before 2.0.21: plain-text credentials are exposed through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange).
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-jwgx-9mmh-684w for updates pertaining to this vulnerability.
    Patches
    io.undertow:undertow-core GHSA-jwgx-9mmh-684w
  • CVE-2018-11307
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-qr7j-h6gg-jmgc)

    Severity
    Urgent5
    Qualys ID
    982704
    Vendor Reference
    GHSA-qr7j-h6gg-jmgc
    CVE Reference
    CVE-2018-11307
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-qr7j-h6gg-jmgc for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-qr7j-h6gg-jmgc
  • CVE-2020-27197
    In Development

    Python (pip) Security Update for libtaxii (GHSA-836c-xg97-8p4h)

    Severity
    Urgent5
    Qualys ID
    982693
    Vendor Reference
    GHSA-836c-xg97-8p4h
    CVE Reference
    CVE-2020-27197
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    TAXII libtaxii through 1.1.117, as used in EclecticIQ OpenTAXII through 0.2.0 and other products, allows SSRF via an initial http:// substring to the parse method, even when the no_network setting is used for the XML parser. NOTE: the vendor points out that the parse method "wraps the lxml library" and that this may be an issue to "raise ... to the lxml group."
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-836c-xg97-8p4h for updates pertaining to this vulnerability.
    Patches
    libtaxii GHSA-836c-xg97-8p4h
  • CVE-2021-23376
    In Development

    Nodejs (npm) Security Update for ffmpegdotjs (GHSA-f39r-cpmj-whcg)

    Severity
    Urgent5
    Qualys ID
    982677
    Vendor Reference
    GHSA-f39r-cpmj-whcg
    CVE Reference
    CVE-2021-23376
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions of package ffmpegdotjs. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-f39r-cpmj-whcg for updates pertaining to this vulnerability.
    Patches
    ffmpegdotjs GHSA-f39r-cpmj-whcg
  • CVE-2021-23334
    In Development

    Nodejs (npm) Security Update for static-eval (GHSA-8v27-2fg9-7h62)

    Severity
    Urgent5
    Qualys ID
    982671
    Vendor Reference
    GHSA-8v27-2fg9-7h62
    CVE Reference
    CVE-2021-23334
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of package static-eval are vulnerable to Arbitrary Code Execution using FunctionExpressions and TemplateLiterals. PoC:
    var evaluate = require('static-eval');
    var parse = require('esprima').parse;
    var src = "(function (x) { return `${eval(\"console.log(global.process.mainModule.constructor._load('child_process').execSync('ls').toString())\")}` })()";
    var ast = parse(src).body[0].expression;
    evaluate(ast);

    # WITHDRAWN

    This was deemed not a vulnerability. See [this issue](https://github.com/browserify/static-eval/issues/34) for details.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8v27-2fg9-7h62 for updates pertaining to this vulnerability.
    Patches
    static-eval GHSA-8v27-2fg9-7h62
  • CVE-2020-17479
    In Development

    Nodejs (npm) Security Update for jpv (GHSA-vh6r-g38f-q3w8)

    Severity
    Urgent5
    Qualys ID
    982666
    Vendor Reference
    GHSA-vh6r-g38f-q3w8
    CVE Reference
    CVE-2020-17479
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vh6r-g38f-q3w8 for updates pertaining to this vulnerability.
    Patches
    jpv GHSA-vh6r-g38f-q3w8
  • CVE-2020-7719
    In Development

    Nodejs (npm) Security Update for locutus (GHSA-f98m-q3hr-p5wq)

    Severity
    Urgent5
    Qualys ID
    982662
    Vendor Reference
    GHSA-f98m-q3hr-p5wq
    CVE Reference
    CVE-2020-7719
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of package locutus prior to version 2.0.12 are vulnerable to Prototype Pollution via the php.strings.parse_str function.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-f98m-q3hr-p5wq for updates pertaining to this vulnerability.
    Patches
    locutus GHSA-f98m-q3hr-p5wq
  • CVE-2020-7726
    In Development

    Nodejs (npm) Security Update for safe-object2 (GHSA-jpq3-xf27-5jf2)

    Severity
    Urgent5
    Qualys ID
    982661
    Vendor Reference
    GHSA-jpq3-xf27-5jf2
    CVE Reference
    CVE-2020-7726
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of package safe-object2 are vulnerable to Prototype Pollution via the setter function.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-jpq3-xf27-5jf2 for updates pertaining to this vulnerability.
    Patches
    safe-object2 GHSA-jpq3-xf27-5jf2
  • CVE-2020-13921
    In Development

    Java (maven) Security Update for org.apache.skywalking:oap-server (GHSA-grpf-gg7v-5g5h)

    Severity
    Urgent5
    Qualys ID
    982654
    Vendor Reference
    GHSA-grpf-gg7v-5g5h
    CVE Reference
    CVE-2020-13921
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    When H2, MySQL or TiDB is used as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-grpf-gg7v-5g5h for updates pertaining to this vulnerability.
    Patches
    org.apache.skywalking:oap-server GHSA-grpf-gg7v-5g5h
  • CVE-2020-25020
    In Development

    Java (maven) Security Update for net.sf.mpxj:mpxj (GHSA-wcp5-m52f-mhh5)

    Severity
    Urgent5
    Qualys ID
    982651
    Vendor Reference
    GHSA-wcp5-m52f-mhh5
    CVE Reference
    CVE-2020-25020
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wcp5-m52f-mhh5 for updates pertaining to this vulnerability.
    Patches
    net.sf.mpxj:mpxj GHSA-wcp5-m52f-mhh5
  • CVE-2021-23378
    In Development

    Nodejs (npm) Security Update for picotts (GHSA-wq7q-5v6j-xfv6)

    Severity
    Urgent5
    Qualys ID
    982647
    Vendor Reference
    GHSA-wq7q-5v6j-xfv6
    CVE Reference
    CVE-2021-23378
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions up to and including version 0.1.1 of package picotts. If attacker-controlled user input is given to the say function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wq7q-5v6j-xfv6 for updates pertaining to this vulnerability.
    Patches
    picotts GHSA-wq7q-5v6j-xfv6
  • CVE-2021-23377
    In Development

    Nodejs (npm) Security Update for onion-oled-js (GHSA-rhwp-9vm9-547q)

    Severity
    Urgent5
    Qualys ID
    982646
    Vendor Reference
    GHSA-rhwp-9vm9-547q
    CVE Reference
    CVE-2021-23377
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions up to and including version 0.0.2 of package onion-oled-js. If attacker-controlled user input is given to the scroll function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-rhwp-9vm9-547q for updates pertaining to this vulnerability.
    Patches
    onion-oled-js GHSA-rhwp-9vm9-547q
  • CVE-2021-23374
    In Development

    Nodejs (npm) Security Update for ps-visitor (GHSA-v2jv-33gh-xx29)

    Severity
    Urgent5
    Qualys ID
    982645
    Vendor Reference
    GHSA-v2jv-33gh-xx29
    CVE Reference
    CVE-2021-23374
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions up to and including version 0.0.2 of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-v2jv-33gh-xx29 for updates pertaining to this vulnerability.
    Patches
    ps-visitor GHSA-v2jv-33gh-xx29
  • CVE-2020-8158
    In Development

    Nodejs (npm) Security Update for typeorm (GHSA-pf2j-9qmp-jqr2)

    Severity
    Urgent5
    Qualys ID
    982640
    Vendor Reference
    GHSA-pf2j-9qmp-jqr2
    CVE Reference
    CVE-2020-8158
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-pf2j-9qmp-jqr2 for updates pertaining to this vulnerability.
    Patches
    typeorm GHSA-pf2j-9qmp-jqr2
  • CVE-2021-23370
    In Development

    Nodejs (npm) Security Update for swiper (GHSA-p3hc-fv2j-rp68)

    Severity
    Urgent5
    Qualys ID
    982630
    Vendor Reference
    GHSA-p3hc-fv2j-rp68
    CVE Reference
    CVE-2021-23370
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Versions of the package swiper before 6.5.1 are susceptible to prototype pollution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-p3hc-fv2j-rp68 for updates pertaining to this vulnerability.
    Patches
    swiper GHSA-p3hc-fv2j-rp68
  • CVE-2020-28429
    In Development

    Nodejs (npm) Security Update for geojson2kml (GHSA-w83x-fp72-p9qc)

    Severity
    Urgent5
    Qualys ID
    982628
    Vendor Reference
    GHSA-w83x-fp72-p9qc
    CVE Reference
    CVE-2020-28429
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions up to and including version 0.1.1 of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a = require("geojson2kml"); a("./", "& touch JHU", function () {});
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-w83x-fp72-p9qc for updates pertaining to this vulnerability.
    Patches
    geojson2kml GHSA-w83x-fp72-p9qc
  • CVE-2020-27664
    In Development

    Nodejs (npm) Security Update for strapi (GHSA-7frv-9phw-vrvr)

    Severity
    Urgent5
    Qualys ID
    982618
    Vendor Reference
    GHSA-7frv-9phw-vrvr
    CVE Reference
    CVE-2020-27664
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    admin/src/containers/InputModalStepperProvider/index.js in Strapi before 3.2.5 has unwanted /proxy?url= functionality.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-7frv-9phw-vrvr for updates pertaining to this vulnerability.
    Patches
    strapi GHSA-7frv-9phw-vrvr
  • CVE-2020-7770
    In Development

    Nodejs (npm) Security Update for json8 (GHSA-7h43-gx24-p529)

    Severity
    Urgent5
    Qualys ID
    982608
    Vendor Reference
    GHSA-7h43-gx24-p529
    CVE Reference
    CVE-2020-7770
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-7h43-gx24-p529 for updates pertaining to this vulnerability.
    Patches
    json8 GHSA-7h43-gx24-p529
  • CVE-2020-7684
    In Development

    Nodejs (npm) Security Update for rollup-plugin-serve (GHSA-4j46-mp85-mv8c)

    Severity
    Urgent5
    Qualys ID
    982583
    Vendor Reference
    GHSA-4j46-mp85-mv8c
    CVE Reference
    CVE-2020-7684
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Path traversal in npm package `rollup-plugin-serve` before version 1.0.2. There is no path sanitization in `readFile` operation.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4j46-mp85-mv8c for updates pertaining to this vulnerability.
    Patches
    rollup-plugin-serve GHSA-4j46-mp85-mv8c
  • CVE-2019-14544
    In Development

    Go (go) Security Update for gogs.io/gogs (GHSA-5r2v-6gm6-vpvh)

    Severity
    Urgent5
    Qualys ID
    982572
    Vendor Reference
    GHSA-5r2v-6gm6-vpvh
    CVE Reference
    CVE-2019-14544
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5r2v-6gm6-vpvh for updates pertaining to this vulnerability.
    Patches
    gogs.io/gogs GHSA-5r2v-6gm6-vpvh
  • CVE-2019-20933
    In Development

    Go (go) Security Update for github.com/influxdata/influxdb/services/httpd (GHSA-2rmp-fw5r-j5qv)

    Severity
    Urgent5
    Qualys ID
    982567
    Vendor Reference
    GHSA-2rmp-fw5r-j5qv
    CVE Reference
    CVE-2019-20933
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-2rmp-fw5r-j5qv for updates pertaining to this vulnerability.
    Patches
    github.com/influxdata/influxdb/services/httpd GHSA-2rmp-fw5r-j5qv
  • CVE-2021-25941
    In Development

    Nodejs (npm) Security Update for deep-override (GHSA-v659-54cx-g4qr)

    Severity
    Urgent5
    Qualys ID
    982399
    Vendor Reference
    GHSA-v659-54cx-g4qr
    CVE Reference
    CVE-2021-25941
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in 'deep-override' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-v659-54cx-g4qr for updates pertaining to this vulnerability.
    Patches
    deep-override GHSA-v659-54cx-g4qr
  • CVE-2021-25943
    In Development

    Nodejs (npm) Security Update for 101 (GHSA-cwcx-rxgc-cmw3)

    Severity
    Urgent5
    Qualys ID
    982398
    Vendor Reference
    GHSA-cwcx-rxgc-cmw3
    CVE Reference
    CVE-2021-25943
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-cwcx-rxgc-cmw3 for updates pertaining to this vulnerability.
    Patches
    101 GHSA-cwcx-rxgc-cmw3
  • CVE-2020-13927
    In Development

    Python (pip) Security Update for apache-airflow (GHSA-hhx9-p69v-cx2j)

    Severity
    Urgent5
    Qualys ID
    982367
    Vendor Reference
    GHSA-hhx9-p69v-cx2j
    CVE Reference
    CVE-2020-13927
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at https://airflow.apache.org/docs/1.10.11/security.html#api-authentication. Note this change fixes it for new installs but existing users need to change their config to default `[api]auth_backend = airflow.api.auth.backend.deny_all` as mentioned in the Updating Guide: https://github.com/apache/airflow/blob/1.10.11/UPDATING.md#experimental-api-will-deny-all-request-by-default
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-hhx9-p69v-cx2j for updates pertaining to this vulnerability.
    Patches
    apache-airflow GHSA-hhx9-p69v-cx2j
  • CVE-2017-1000486
    In Development

    Java (maven) Security Update for org.primefaces:primefaces (GHSA-j239-4gqg-5j54)

    Severity
    Urgent5
    Qualys ID
    982365
    Vendor Reference
    GHSA-j239-4gqg-5j54
    CVE Reference
    CVE-2017-1000486
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-j239-4gqg-5j54 for updates pertaining to this vulnerability.
    Patches
    org.primefaces:primefaces GHSA-j239-4gqg-5j54
  • CVE-2021-22160
    In Development

    Java (maven) Security Update for org.apache.pulsar:pulsar (GHSA-3cv4-xxv7-934q)

    Severity
    Urgent5
    Qualys ID
    982355
    Vendor Reference
    GHSA-3cv4-xxv7-934q
    CVE Reference
    CVE-2021-22160
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    If Apache Pulsar is configured to authenticate clients using tokens based on JSON Web Tokens (JWT), the signature of the token is not validated if the algorithm of the presented token is set to "none". This allows an attacker to connect to Pulsar instances as any user (incl. admins).
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-3cv4-xxv7-934q for updates pertaining to this vulnerability.
    Patches
    org.apache.pulsar:pulsar GHSA-3cv4-xxv7-934q
  • CVE-2021-29300
    In Development

    Nodejs (npm) Security Update for @ronomon/opened (GHSA-fg5w-w99f-rj6w)

    Severity
    Urgent5
    Qualys ID
    982345
    Vendor Reference
    GHSA-fg5w-w99f-rj6w
    CVE Reference
    CVE-2021-29300
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The @ronomon/opened library before 1.5.2 is vulnerable to a command injection vulnerability which would allow a remote attacker to execute commands on the system if the library was used with untrusted input.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fg5w-w99f-rj6w for updates pertaining to this vulnerability.
    Patches
    @ronomon/opened GHSA-fg5w-w99f-rj6w
  • CVE-2021-25945
    In Development

    Nodejs (npm) Security Update for js-extend (GHSA-mh82-55cm-6gfh)

    Severity
    Urgent5
    Qualys ID
    982344
    Vendor Reference
    GHSA-mh82-55cm-6gfh
    CVE Reference
    CVE-2021-25945
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mh82-55cm-6gfh for updates pertaining to this vulnerability.
    Patches
    js-extend GHSA-mh82-55cm-6gfh
  • CVE-2017-15708
    In Development

    Java (maven) Security Update for org.apache.synapse:synapse-core (GHSA-p694-23q3-rvrc)

    Severity
    Urgent5
    Qualys ID
    982335
    Vendor Reference
    GHSA-p694-23q3-rvrc
    CVE Reference
    CVE-2017-15708
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI), so Apache Synapse 3.0.1 and all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allow remote code execution attacks performed by injecting specially crafted serialized objects. The presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or an earlier version in the Synapse distribution makes this exploitable. To mitigate the issue, limit RMI access to trusted users only. Upgrading to 3.0.1 eliminates the risk from the affected Commons Collections version: in Synapse 3.0.1, Commons Collections has been updated to 3.2.2.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-p694-23q3-rvrc for updates pertaining to this vulnerability.
    Patches
    org.apache.synapse:synapse-core GHSA-p694-23q3-rvrc
  • CVE-2021-23369
    In Development

    Nodejs (npm) Security Update for handlebars (GHSA-f2jv-r9rf-7988)

    Severity
    Urgent5
    Qualys ID
    982334
    Vendor Reference
    GHSA-f2jv-r9rf-7988
    CVE Reference
    CVE-2021-23369
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The package handlebars before 4.7.7 is vulnerable to Remote Code Execution (RCE) when certain compile options are selected to compile templates coming from an untrusted source.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-f2jv-r9rf-7988 for updates pertaining to this vulnerability.
    Patches
    handlebars GHSA-f2jv-r9rf-7988
  • CVE-2017-15095
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-h592-38cm-4ggp)

    Severity
    Urgent5
    Qualys ID
    982333
    Vendor Reference
    GHSA-h592-38cm-4ggp
    CVE Reference
    CVE-2017-15095
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-h592-38cm-4ggp for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-h592-38cm-4ggp
  • CVE-2018-14720
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-x2w5-5m2g-7h5m)

    Severity
    Urgent5
    Qualys ID
    982327
    Vendor Reference
    GHSA-x2w5-5m2g-7h5m
    CVE Reference
    CVE-2018-14720
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-x2w5-5m2g-7h5m for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-x2w5-5m2g-7h5m
  • CVE-2017-1001002
    In Development

    Nodejs (npm) Security Update for mathjs (GHSA-vx5c-87qx-cv6c)

    Severity
    Urgent5
    Qualys ID
    982323
    Vendor Reference
    GHSA-vx5c-87qx-cv6c
    CVE Reference
    CVE-2017-1001002
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    math.js before 3.17.0 had an arbitrary code execution flaw in the JavaScript engine: creating a typed function with JavaScript code in the name could result in arbitrary execution.

    ## Recommendation

    Update to version 3.17.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vx5c-87qx-cv6c for updates pertaining to this vulnerability.
    Patches
    mathjs GHSA-vx5c-87qx-cv6c
  • CVE-2017-7657
    In Development

    Java (maven) Security Update for org.eclipse.jetty:jetty-server (GHSA-vgg8-72f2-qm23)

    Severity
    Urgent5
    Qualys ID
    982322
    Vendor Reference
    GHSA-vgg8-72f2-qm23
    CVE Reference
    CVE-2017-7657
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    In Eclipse Jetty, versions 9.2.x and older, 9.3.x, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vgg8-72f2-qm23 for updates pertaining to this vulnerability.
    Patches
    org.eclipse.jetty:jetty-server GHSA-vgg8-72f2-qm23
  • CVE-2018-1260
    In Development

    Java (maven) Security Update for org.springframework.security.oauth:spring-security-oauth2 (GHSA-rrpm-pj7p-7j9q)

    Severity
    Urgent5
    Qualys ID
    982321
    Vendor Reference
    GHSA-rrpm-pj7p-7j9q
    CVE Reference
    CVE-2018-1260
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-rrpm-pj7p-7j9q for updates pertaining to this vulnerability.
    Patches
    org.springframework.security.oauth:spring-security-oauth2 GHSA-rrpm-pj7p-7j9q
  • CVE-2018-19361
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-mx9v-gmh4-mgqw)

    Severity
    Urgent5
    Qualys ID
    982315
    Vendor Reference
    GHSA-mx9v-gmh4-mgqw
    CVE Reference
    CVE-2018-19361
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mx9v-gmh4-mgqw for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-mx9v-gmh4-mgqw
  • CVE-2018-19360
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-f9hv-mg5h-xcw9)

    Severity
    Urgent5
    Qualys ID
    982304
    Vendor Reference
    GHSA-f9hv-mg5h-xcw9
    CVE Reference
    CVE-2018-19360
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-f9hv-mg5h-xcw9 for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-f9hv-mg5h-xcw9
  • CVE-2018-7489
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-cggj-fvv3-cqwv)

    Severity
    Urgent5
    Qualys ID
    982302
    Vendor Reference
    GHSA-cggj-fvv3-cqwv
    CVE Reference
    CVE-2018-7489
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-cggj-fvv3-cqwv for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-cggj-fvv3-cqwv
  • CVE-2018-14719
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-4gq5-ch57-c2mg)

    Severity
    Urgent5
    Qualys ID
    982282
    Vendor Reference
    GHSA-4gq5-ch57-c2mg
    CVE Reference
    CVE-2018-14719
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4gq5-ch57-c2mg for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-4gq5-ch57-c2mg
  • CVE-2018-14718
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-645p-88qh-w398)

    Severity
    Urgent5
    Qualys ID
    982281
    Vendor Reference
    GHSA-645p-88qh-w398
    CVE Reference
    CVE-2018-14718
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-645p-88qh-w398 for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-645p-88qh-w398
  • CVE-2021-25947
    In Development

    Nodejs (npm) Security Update for nestie (GHSA-m7rg-8wvq-846v)

    Severity
    Urgent5
    Qualys ID
    982274
    Vendor Reference
    GHSA-m7rg-8wvq-846v
    CVE Reference
    CVE-2021-25947
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Prototype pollution vulnerability in 'nestie' versions 0.0.0 through 1.0.0 allows an attacker to cause a denial of service and may lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-m7rg-8wvq-846v for updates pertaining to this vulnerability.
    Patches
    nestie GHSA-m7rg-8wvq-846v
  • CVE-2018-1000613
    In Development

    Java (maven) Security Update for org.bouncycastle:bcprov-jdk15 (GHSA-4446-656p-f54g)

    Severity
    Urgent5
    Qualys ID
    982266
    Vendor Reference
    GHSA-4446-656p-f54g
    CVE Reference
    CVE-2018-1000613
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Legion of the Bouncy Castle Java Cryptography APIs prior to version 1.60 contain a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization; deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appears to be exploitable via a handcrafted private key that includes references to unexpected classes, which will be picked up from the class path of the executing application. This vulnerability appears to have been fixed in 1.60 and later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4446-656p-f54g for updates pertaining to this vulnerability.
    Patches
    org.bouncycastle:bcprov-jdk14 GHSA-4446-656p-f54g, org.bouncycastle:bcprov-jdk15 GHSA-4446-656p-f54g
  • CVE-2019-3773
    In Development

    Java (maven) Security Update for org.springframework.ws:spring-xml (GHSA-8222-6fc8-mhvf)

    Severity
    Urgent5
    Qualys ID
    982262
    Vendor Reference
    GHSA-8222-6fc8-mhvf
    CVE Reference
    CVE-2019-3773
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-8222-6fc8-mhvf for updates pertaining to this vulnerability.
    Patches
    org.springframework.ws:spring-ws GHSA-8222-6fc8-mhvf, org.springframework.ws:spring-xml GHSA-8222-6fc8-mhvf
  • CVE-2019-14379
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-6fpp-rgj9-8rwc)

    Severity
    Urgent5
    Qualys ID
    982256
    Vendor Reference
    GHSA-6fpp-rgj9-8rwc
    CVE Reference
    CVE-2019-14379
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-6fpp-rgj9-8rwc for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-6fpp-rgj9-8rwc
  • CVE-2019-16942
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-mx7p-6679-8g3q)

    Severity
    Urgent5
    Qualys ID
    982255
    Vendor Reference
    GHSA-mx7p-6679-8g3q
    CVE Reference
    CVE-2019-16942
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mx7p-6679-8g3q for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-mx7p-6679-8g3q
  • CVE-2021-27850
    In Development

    Java (maven) Security Update for org.apache.tapestry:tapestry-core (GHSA-mj8x-cpr8-x39h)

    Severity
    Urgent5
    Qualys ID
    982236
    Vendor Reference
    GHSA-mj8x-cpr8-x39h
    CVE Reference
    CVE-2021-27850
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    A critical unauthenticated remote code execution vulnerability was found in all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL. An attacker was able to download the file `AppModule.class` by requesting the URL `http://localhost:8080/assets/something/services/AppModule.class`, which contains an HMAC secret key. The fix for that bug was a blacklist filter that checks if the URL ends with `.class`, `.properties` or `.xml`. Bypass: Unfortunately, the blacklist solution can simply be bypassed by appending a `/` at the end of the URL: `http://localhost:8080/assets/something/services/AppModule.class/` The slash is stripped after the blacklist check and the file `AppModule.class` is loaded into the response. This class usually contains the HMAC secret key which is used to sign serialized Java objects. With the knowledge of that key an attacker can sign a Java gadget chain that leads to RCE (e.g. CommonsBeanUtils1 from ysoserial). Solution for this vulnerability: * For Apache Tapestry 5.4.0 to 5.6.2, upgrade to 5.6.3 or later. * For Apache Tapestry 5.7.0, upgrade to 5.7.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mj8x-cpr8-x39h for updates pertaining to this vulnerability.
    Patches
    org.apache.tapestry:tapestry-core GHSA-mj8x-cpr8-x39h
  • CVE-2021-23899
    In Development

    Java (maven) Security Update for com.mikesamuel:json-sanitizer (GHSA-mm8j-9x84-m9cv)

    Severity
    Urgent5
    Qualys ID
    982235
    Vendor Reference
    GHSA-mm8j-9x84-m9cv
    CVE Reference
    CVE-2021-23899
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mm8j-9x84-m9cv for updates pertaining to this vulnerability.
    Patches
    com.mikesamuel:json-sanitizer GHSA-mm8j-9x84-m9cv
  • CVE-2018-20060
    In Development

    Python (pip) Security Update for urllib3 (GHSA-www2-v7xj-xrc6)

    Severity
    Urgent5
    Qualys ID
    982226
    Vendor Reference
    GHSA-www2-v7xj-xrc6
    CVE Reference
    CVE-2018-20060
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-www2-v7xj-xrc6 for updates pertaining to this vulnerability.
    Patches
    urllib3 GHSA-www2-v7xj-xrc6
  • CVE-2019-12419
    In Development

    Java (maven) Security Update for org.apache.cxf:cxf (GHSA-cw6w-q88j-6mqf)

    Severity
    Urgent5
    Qualys ID
    982217
    Vendor Reference
    GHSA-cw6w-q88j-6mqf
    CVE Reference
    CVE-2019-12419
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the supplied clientId parameter in the request. If a malicious client was able to somehow steal an authorization code issued to another client, then they could exploit this vulnerability to obtain an access token for the other client.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-cw6w-q88j-6mqf for updates pertaining to this vulnerability.
    Patches
    org.apache.cxf:cxf GHSA-cw6w-q88j-6mqf
  • CVE-2021-31800
    In Development

    Python (pip) Security Update for impacket (GHSA-mj63-64x7-57xf)

    Severity
    Urgent5
    Qualys ID
    982201
    Vendor Reference
    GHSA-mj63-64x7-57xf
    CVE Reference
    CVE-2021-31800
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Multiple path traversal vulnerabilities exist in smbserver.py in Impacket before 0.9.23. An attacker that connects to a running smbserver instance can list and write to arbitrary files via ../ directory traversal. This could potentially be abused to achieve arbitrary code execution by replacing /etc/shadow or an SSH authorized key.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-mj63-64x7-57xf for updates pertaining to this vulnerability.
    Patches
    impacket GHSA-mj63-64x7-57xf
  • CVE-2019-10765
    In Development

    Nodejs (npm) Security Update for iobroker.admin (GHSA-54xj-q58h-9x57)

    Severity
    Urgent5
    Qualys ID
    982115
    Vendor Reference
    GHSA-54xj-q58h-9x57
    CVE Reference
    CVE-2019-10765
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Versions of `iobroker.admin` prior to 3.6.12 are vulnerable to Path Traversal. The package fails to restrict access to folders outside of the intended folder in the `/log/` route, which may allow attackers to include arbitrary files in the system. An attacker would need to be authenticated to perform the attack but the package has authentication disabled by default.


    ## Recommendation

    Upgrade to version 3.6.12 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-54xj-q58h-9x57 for updates pertaining to this vulnerability.
    Patches
    iobroker.admin GHSA-54xj-q58h-9x57
  • CVE-2021-32685
    In Development

    Nodejs (npm) Security Update for tenvoy (GHSA-5w25-hxp5-h8c9)

    Severity
    Urgent5
    Qualys ID
    982088
    Vendor Reference
    GHSA-5w25-hxp5-h8c9
    CVE Reference
    CVE-2021-32685
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. In versions prior to 7.0.3, the `verifyWithMessage` method of `tEnvoyNaClSigningKey` always returns `true` for any signature that has a SHA-512 hash matching the SHA-512 hash of the message even if the signature was invalid. This issue is patched in version 7.0.3. As a workaround: In `tenvoy.js` under the `verifyWithMessage` method definition within the `tEnvoyNaClSigningKey` class, ensure that the return statement call to `this.verify` ends in `.verified`.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-5w25-hxp5-h8c9 for updates pertaining to this vulnerability.
    Patches
    tenvoy GHSA-5w25-hxp5-h8c9
  • CVE-2017-5941
    In Development

    Nodejs (npm) Security Update for node-serialize (GHSA-q4v7-4rhw-9hqm)

    Severity
    Urgent5
    Qualys ID
    982078
    Vendor Reference
    GHSA-q4v7-4rhw-9hqm
    CVE Reference
    CVE-2017-5941
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Affected versions of `node-serialize` can be abused to execute arbitrary code via an [immediately invoked function expression](https://en.wikipedia.org/wiki/Immediately-invoked_function_expression) (IIFE) if untrusted user input is passed into `unserialize()`.


    ## Recommendation

    There is no direct patch for this issue. The package author has reviewed this advisory, and provided the following recommendation:

    ```
    To avoid the security issues, at least one of the following methods should be taken:

    1. Make sure to send serialized strings internally, isolating them from potential hackers. For example, only sending the strings from backend to frontend and always using HTTPS instead of HTTP.

    2. Introduce public-key cryptosystems (e.g. RSA) to ensure the strings not being tampered with.
    ```
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-q4v7-4rhw-9hqm for updates pertaining to this vulnerability.
    Patches
    node-serialize GHSA-q4v7-4rhw-9hqm
  • CVE-2019-20786
    In Development

    Go (go) Security Update for github.com/pion/dtls (GHSA-7gfg-6934-mqq2)

    Severity
    Urgent5
    Qualys ID
    982031
    Vendor Reference
    GHSA-7gfg-6934-mqq2
    CVE Reference
    CVE-2019-20786
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completion.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-7gfg-6934-mqq2 for updates pertaining to this vulnerability.
    Patches
    github.com/pion/dtls GHSA-7gfg-6934-mqq2
  • CVE-2021-23399
    In Development

    Nodejs (npm) Security Update for wincred (GHSA-v85c-hgq5-7pfw)

    Severity
    Urgent5
    Qualys ID
    982019
    Vendor Reference
    GHSA-v85c-hgq5-7pfw
    CVE Reference
    CVE-2021-23399
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions of package wincred. If attacker-controlled user input is given to the getCredential function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-v85c-hgq5-7pfw for updates pertaining to this vulnerability.
    Patches
    wincred GHSA-v85c-hgq5-7pfw
  • CVE-2020-28360
    In Development

    Nodejs (npm) Security Update for private-ip (GHSA-43ch-2h55-2vj7)

    Severity
    Urgent5
    Qualys ID
    982003
    Vendor Reference
    GHSA-43ch-2h55-2vj7
    CVE Reference
    CVE-2020-28360
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. An attacker can perform a large range of requests to ARIN reserved IP ranges, resulting in an indeterminable number of critical attack vectors, allowing remote attackers to request server-side resources or potentially execute arbitrary code through various SSRF techniques.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-43ch-2h55-2vj7 for updates pertaining to this vulnerability.
    Patches
    private-ip GHSA-43ch-2h55-2vj7
  • CVE-2021-26707
    In Development

    Nodejs (npm) Security Update for merge-deep (GHSA-r6rj-9ch6-g264)

    Severity
    Urgent5
    Qualys ID
    982001
    Vendor Reference
    GHSA-r6rj-9ch6-g264
    CVE Reference
    CVE-2021-26707
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The merge-deep library before 3.0.3 for Node.js can be tricked into overwriting properties of Object.prototype or adding new properties to it. These properties are then inherited by every object in the program, thus facilitating prototype-pollution attacks against applications using this library.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-r6rj-9ch6-g264 for updates pertaining to this vulnerability.
    Patches
    merge-deep GHSA-r6rj-9ch6-g264
  • CVE-2017-7658
    In Development

    Java (maven) Security Update for org.eclipse.jetty:jetty-server (GHSA-6x9x-8qw9-9pp6)

    Severity
    Urgent5
    Qualys ID
    981994
    Vendor Reference
    GHSA-6x9x-8qw9-9pp6
    CVE Reference
    CVE-2017-7658
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    In Eclipse Jetty Server versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two Content-Length headers, Jetty ignored the second. When presented with a Content-Length and a chunked encoding header, the Content-Length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-6x9x-8qw9-9pp6 for updates pertaining to this vulnerability.
    Patches
    org.eclipse.jetty:jetty-server GHSA-6x9x-8qw9-9pp6
  • CVE-2020-13619
    In Development

    Nodejs (npm) Security Update for locutus (GHSA-h86x-mv66-gr5q)

    Severity
    Urgent5
    Qualys ID
    981987
    Vendor Reference
    GHSA-h86x-mv66-gr5q
    CVE Reference
    CVE-2020-13619
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-h86x-mv66-gr5q for updates pertaining to this vulnerability.
    Patches
    locutus GHSA-h86x-mv66-gr5q
  • CVE-2019-19919
    In Development

    Nodejs (npm) Security Update for handlebars (GHSA-w457-6q6x-cgp9)

    Severity
    Urgent5
    Qualys ID
    981982
    Vendor Reference
    GHSA-w457-6q6x-cgp9
    CVE Reference
    CVE-2019-19919
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Versions of `handlebars` prior to 3.0.8 or 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's `__proto__` and `__defineGetter__` properties, which may allow an attacker to execute arbitrary code through crafted payloads.


    ## Recommendation

    Upgrade to version 3.0.8, 4.3.0 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-w457-6q6x-cgp9 for updates pertaining to this vulnerability.
    Patches
    handlebars GHSA-w457-6q6x-cgp9
  • CVE-2019-10648
    In Development

    Java (maven) Security Update for net.sf.robocode:robocode.api (GHSA-q2xp-75m7-gv52)

    Severity
    Urgent5
    Qualys ID
    981975
    Vendor Reference
    GHSA-q2xp-75m7-gv52
    CVE Reference
    CVE-2019-10648
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Robocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-q2xp-75m7-gv52 for updates pertaining to this vulnerability.
    Patches
    net.sf.robocode:robocode.api GHSA-q2xp-75m7-gv52
  • CVE-2019-10173
    In Development

    Java (maven) Security Update for com.thoughtworks.xstream:xstream (GHSA-hf23-9pf7-388p)

    Severity
    Urgent5
    Qualys ID
    981972
    Vendor Reference
    GHSA-hf23-9pf7-388p
    CVE Reference
    CVE-2019-10173
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any other supported format, e.g. JSON (regression of CVE-2013-7285).
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-hf23-9pf7-388p for updates pertaining to this vulnerability.
    Patches
    com.thoughtworks.xstream:xstream GHSA-hf23-9pf7-388p
  • CVE-2019-10071
    In Development

    Java (maven) Security Update for org.apache.tapestry:tapestry-core (GHSA-fgmr-vx7c-5wj6)

    Severity
    Urgent5
    Qualys ID
    981968
    Vendor Reference
    GHSA-fgmr-vx7c-5wj6
    CVE Reference
    CVE-2019-10071
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their payload. The comparison should be done with a constant time algorithm instead.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fgmr-vx7c-5wj6 for updates pertaining to this vulnerability.
    Patches
    org.apache.tapestry:tapestry-core GHSA-fgmr-vx7c-5wj6
  • CVE-2019-16943
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-fmmc-742q-jg75)

    Severity
    Urgent5
    Qualys ID
    981966
    Vendor Reference
    GHSA-fmmc-742q-jg75
    CVE Reference
    CVE-2019-16943
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fmmc-742q-jg75 for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-fmmc-742q-jg75
  • CVE-2019-17531
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-gjmw-vf9h-g25v)

    Severity
    Urgent5
    Qualys ID
    981964
    Vendor Reference
    GHSA-gjmw-vf9h-g25v
    CVE Reference
    CVE-2019-17531
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-gjmw-vf9h-g25v for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-gjmw-vf9h-g25v
  • CVE-2019-10769
    In Development

    Nodejs (npm) Security Update for safer-eval (GHSA-v63x-xc9j-hhvq)

    Severity
    Urgent5
    Qualys ID
    981955
    Vendor Reference
    GHSA-v63x-xc9j-hhvq
    CVE Reference
    CVE-2019-10769
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of `safer-eval` are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context and is not suited to process arbitrary user input. This may allow attackers to execute arbitrary code in the system.
    Recommendation: The package is not meant to receive user input. Consider using an alternative package until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-v63x-xc9j-hhvq for updates pertaining to this vulnerability.
    Patches
    safer-eval GHSA-v63x-xc9j-hhvq
  • CVE-2019-20330
    In Development

    Java (maven) Security Update for com.fasterxml.jackson.core:jackson-databind (GHSA-gww7-p5w4-wrfv)

    Severity
    Urgent5
    Qualys ID
    981950
    Vendor Reference
    GHSA-gww7-p5w4-wrfv
    CVE Reference
    CVE-2019-20330
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-gww7-p5w4-wrfv for updates pertaining to this vulnerability.
    Patches
    com.fasterxml.jackson.core:jackson-databind GHSA-gww7-p5w4-wrfv
  • CVE-2020-28490
    In Development

    Nodejs (npm) Security Update for async-git (GHSA-6qpr-9mc5-7gch)

    Severity
    Urgent5
    Qualys ID
    981945
    Vendor Reference
    GHSA-6qpr-9mc5-7gch
    CVE Reference
    CVE-2020-28490
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    The package async-git before 1.13.2 is vulnerable to Command Injection via shell meta-characters (back-ticks). For example: git.reset('`touch HACKED`')
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-6qpr-9mc5-7gch for updates pertaining to this vulnerability.
    Patches
    async-git GHSA-6qpr-9mc5-7gch
  • CVE-2020-7785
    In Development

    Nodejs (npm) Security Update for node-ps (GHSA-4rv9-5vc4-88cg)

    Severity
    Urgent5
    Qualys ID
    981941
    Vendor Reference
    GHSA-4rv9-5vc4-88cg
    CVE Reference
    CVE-2020-7785
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4rv9-5vc4-88cg for updates pertaining to this vulnerability.
    Patches
    node-ps GHSA-4rv9-5vc4-88cg
  • CVE-2019-10786
    In Development

    Nodejs (npm) Security Update for network-manager (GHSA-ph32-23p8-9rw5)

    Severity
    Urgent5
    Qualys ID
    981940
    Vendor Reference
    GHSA-ph32-23p8-9rw5
    CVE Reference
    CVE-2019-10786
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-ph32-23p8-9rw5 for updates pertaining to this vulnerability.
    Patches
    network-manager GHSA-ph32-23p8-9rw5
  • CVE-2020-1938
    In Development

    Java (maven) Security Update for org.apache.tomcat.embed:tomcat-embed-core (GHSA-c9hw-wf7x-jp9j)

    Severity
    Urgent5
    Qualys ID
    981939
    Vendor Reference
    GHSA-c9hw-wf7x-jp9j
    CVE Reference
    CVE-2020-1938
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed:
    - returning arbitrary files from anywhere in the web application
    - processing any file in the web application as a JSP
    Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-c9hw-wf7x-jp9j for updates pertaining to this vulnerability.
    Patches
    org.apache.tomcat.embed:tomcat-embed-core GHSA-c9hw-wf7x-jp9j
  • CVE-2020-10109
    In Development

    Python (pip) Security Update for Twisted (GHSA-p5xh-vx83-mxcj)

    Severity
    Urgent5
    Qualys ID
    981937
    Vendor Reference
    GHSA-p5xh-vx83-mxcj
    CVE Reference
    CVE-2020-10109
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-p5xh-vx83-mxcj for updates pertaining to this vulnerability.
    Patches
    Twisted GHSA-p5xh-vx83-mxcj
  • CVE-2020-7603
    In Development

    Nodejs (npm) Security Update for closure-compiler-stream (GHSA-m647-5wf9-3jp3)

    Severity
    Urgent5
    Qualys ID
    981932
    Vendor Reference
    GHSA-m647-5wf9-3jp3
    CVE Reference
    CVE-2020-7603
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. The argument "options" of the exports function in "index.js" can be controlled by users without any sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-m647-5wf9-3jp3 for updates pertaining to this vulnerability.
    Patches
    closure-compiler-stream GHSA-m647-5wf9-3jp3
  • CVE-2020-7782
    In Development

    Nodejs (npm) Security Update for spritesheet-js (GHSA-333x-qr3v-g4xx)

    Severity
    Urgent5
    Qualys ID
    981930
    Vendor Reference
    GHSA-333x-qr3v-g4xx
    CVE Reference
    CVE-2020-7782
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects all versions of package spritesheet-js. It depends on a vulnerable package, platform-command. The injection point is located in line 32 in lib/generator.js, which is triggered by the main entry of the package.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-333x-qr3v-g4xx for updates pertaining to this vulnerability.
    Patches
    spritesheet-js GHSA-333x-qr3v-g4xx
  • CVE-2020-28468
    In Development

    Python (pip) Security Update for pwntools (GHSA-7xc5-ggpp-g249)

    Severity
    Urgent5
    Qualys ID
    981916
    Vendor Reference
    GHSA-7xc5-ggpp-g249
    CVE Reference
    CVE-2020-28468
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects the package pwntools before 4.3.1. The shellcraft generator in affected versions of this module is vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-7xc5-ggpp-g249 for updates pertaining to this vulnerability.
    Patches
    pwntools GHSA-7xc5-ggpp-g249
  • CVE-2020-28464
    In Development

    Nodejs (npm) Security Update for djv (GHSA-4hv7-3q38-97m8)

    Severity
    Urgent5
    Qualys ID
    981915
    Vendor Reference
    GHSA-4hv7-3q38-97m8
    CVE Reference
    CVE-2020-28464
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4hv7-3q38-97m8 for updates pertaining to this vulnerability.
    Patches
    djv GHSA-4hv7-3q38-97m8
  • CVE-2020-7602
    In Development

    Nodejs (npm) Security Update for node-prompt-here (GHSA-f8fh-8rgm-227h)

    Severity
    Urgent5
    Qualys ID
    981912
    Vendor Reference
    GHSA-f8fh-8rgm-227h
    CVE Reference
    CVE-2020-7602
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    node-prompt-here through 1.0.1 allows execution of arbitrary commands. The "runCommand()" is called by the "getDevices()" function in file "linux/manager.js", which is required by the "index. process.env.NM_CLI" in the file "linux/manager.js". This function is used to construct the argument of function "execSync()", which can be controlled by users without any sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-f8fh-8rgm-227h for updates pertaining to this vulnerability.
    Patches
    node-prompt-here GHSA-f8fh-8rgm-227h
  • CVE-2020-7601
    In Development

    Nodejs (npm) Security Update for gulp-scss-lint (GHSA-g4hj-r7r3-9rwv)

    Severity
    Urgent5
    Qualys ID
    981911
    Vendor Reference
    GHSA-g4hj-r7r3-9rwv
    CVE Reference
    CVE-2020-7601
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands into the "exec" function located in "src/command.js" via the provided options.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-g4hj-r7r3-9rwv for updates pertaining to this vulnerability.
    Patches
    gulp-scss-lint GHSA-g4hj-r7r3-9rwv
  • CVE-2020-7604
    In Development

    Nodejs (npm) Security Update for pulverizr (GHSA-fmf5-j5j9-99pp)

    Severity
    Urgent5
    Qualys ID
    981910
    Vendor Reference
    GHSA-fmf5-j5j9-99pp
    CVE Reference
    CVE-2020-7604
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    pulverizr through 0.7.0 allows execution of arbitrary commands. Within "lib/job.js", the variable "filename" can be controlled by the attacker. This function uses the variable "filename" to construct the argument of the exec call without any sanitization. In order to successfully exploit this vulnerability, an attacker will need to create a new file with the same name as the attack command.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fmf5-j5j9-99pp for updates pertaining to this vulnerability.
    Patches
    pulverizr GHSA-fmf5-j5j9-99pp
  • CVE-2020-7605
    In Development

    Nodejs (npm) Security Update for gulp-tape (GHSA-x67x-98x7-wv26)

    Severity
    Urgent5
    Qualys ID
    981909
    Vendor Reference
    GHSA-x67x-98x7-wv26
    CVE Reference
    CVE-2020-7605
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    gulp-tape through 1.0.0 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of 'gulp-tape' options.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-x67x-98x7-wv26 for updates pertaining to this vulnerability.
    Patches
    gulp-tape GHSA-x67x-98x7-wv26
  • CVE-2020-7607
    In Development

    Nodejs (npm) Security Update for gulp-styledocco (GHSA-h33p-5j96-w8qh)

    Severity
    Urgent5
    Qualys ID
    981908
    Vendor Reference
    GHSA-h33p-5j96-w8qh
    CVE Reference
    CVE-2020-7607
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    gulp-styledocco through 0.0.3 allows execution of arbitrary commands. The argument 'options' of the exports function in 'index.js' can be controlled by users without any sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-h33p-5j96-w8qh for updates pertaining to this vulnerability.
    Patches
    gulp-styledocco GHSA-h33p-5j96-w8qh
  • CVE-2020-7606
    In Development

    Nodejs (npm) Security Update for docker-compose-remote-api (GHSA-q6pj-jh94-5fpr)

    Severity
    Urgent5
    Qualys ID
    981907
    Vendor Reference
    GHSA-q6pj-jh94-5fpr
    CVE Reference
    CVE-2020-7606
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. Within 'index.js' of the package, the function 'exec(serviceName, cmd, fnStdout, fnStderr, fnExit)' uses the variable 'serviceName', which can be controlled by users without any sanitization.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-q6pj-jh94-5fpr for updates pertaining to this vulnerability.
    Patches
    docker-compose-remote-api GHSA-q6pj-jh94-5fpr
  • CVE-2020-1957
    In Development

    Java (maven) Security Update for org.apache.shiro:shiro-core (GHSA-26gr-cvq3-qxgf)

    Severity
    Urgent5
    Qualys ID
    981904
    Vendor Reference
    GHSA-26gr-cvq3-qxgf
    CVE Reference
    CVE-2020-1957
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    In Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-26gr-cvq3-qxgf for updates pertaining to this vulnerability.
    Patches
    org.apache.shiro:shiro-core GHSA-26gr-cvq3-qxgf
  • CVE-2020-7620
    In Development

    Nodejs (npm) Security Update for pomelo-monitor (GHSA-4j54-mxf6-wxx2)

    Severity
    Urgent5
    Qualys ID
    981901
    Vendor Reference
    GHSA-4j54-mxf6-wxx2
    CVE Reference
    CVE-2020-7620
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    pomelo-monitor through 0.3.7 is vulnerable to Command Injection. It allows injection of arbitrary commands as part of 'pomelo-monitor' params.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-4j54-mxf6-wxx2 for updates pertaining to this vulnerability.
    Patches
    pomelo-monitor GHSA-4j54-mxf6-wxx2
  • CVE-2020-7619
    In Development

    Nodejs (npm) Security Update for get-git-data (GHSA-wj6h-7chw-x4h2)

    Severity
    Urgent5
    Qualys ID
    981900
    Vendor Reference
    GHSA-wj6h-7chw-x4h2
    CVE Reference
    CVE-2020-7619
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    get-git-data through 1.3.1 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the arguments provided to get-git-data.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-wj6h-7chw-x4h2 for updates pertaining to this vulnerability.
    Patches
    get-git-data GHSA-wj6h-7chw-x4h2
  • CVE-2020-7628
    In Development

    Nodejs (npm) Security Update for umount (GHSA-6q48-vjq2-mwcj)

    Severity
    Urgent5
    Qualys ID
    981898
    Vendor Reference
    GHSA-6q48-vjq2-mwcj
    CVE Reference
    CVE-2020-7628
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of `umount` are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to an `exec` call in the `umount` function. This may allow attackers to execute arbitrary code on the system if the `device` value passed to the function is user-controlled.
    Recommendation: No fix is currently available. Consider using an alternative package until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-6q48-vjq2-mwcj for updates pertaining to this vulnerability.
    Patches
    umount GHSA-6q48-vjq2-mwcj
  • CVE-2020-7614
    In Development

    Nodejs (npm) Security Update for npm-programmatic (GHSA-426h-24vj-qwxf)

    Severity
    Urgent5
    Qualys ID
    981893
    Vendor Reference
    GHSA-426h-24vj-qwxf
    CVE Reference
    CVE-2020-7614
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of `npm-programmatic` are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to an `exec` call in the `install`, `uninstall` and `list` functions. This may allow attackers to execute arbitrary code on the system if the package name passed to the function is user-controlled.
    Recommendation: No fix is currently available. Consider using an alternative package until a fix is made available.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-426h-24vj-qwxf for updates pertaining to this vulnerability.
    Patches
    npm-programmatic GHSA-426h-24vj-qwxf
  • CVE-2020-12265
    In Development

    Nodejs (npm) Security Update for decompress (GHSA-qgfr-5hqp-vrw9)

    Severity
    Urgent5
    Qualys ID
    981891
    Vendor Reference
    GHSA-qgfr-5hqp-vrw9
    CVE Reference
    CVE-2020-12265
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    Versions of `decompress` prior to 4.2.1 are vulnerable to Arbitrary File Write. The package fails to prevent extraction of files with relative paths, allowing attackers to write to any folder on the system by including filenames containing `../`.
    Recommendation: Upgrade to version 4.2.1 or later.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-qgfr-5hqp-vrw9 for updates pertaining to this vulnerability.
    Patches
    decompress GHSA-qgfr-5hqp-vrw9
  • CVE-2020-1959
    In Development

    Java (maven) Security Update for org.apache.syncope:syncope-core (GHSA-vjqw-r3ww-wj2w)

    Severity
    Urgent5
    Qualys ID
    981890
    Vendor Reference
    GHSA-vjqw-r3ww-wj2w
    CVE Reference
    CVE-2020-1959
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote Code Execution (RCE) vulnerability. Apache Syncope uses Java Bean Validation (JSR 380) custom constraint validators. When building custom constraint violation error messages, they support different types of interpolation, including Java EL expressions. Therefore, if an attacker can inject arbitrary data in the error message template being passed, they will be able to run arbitrary Java code.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-vjqw-r3ww-wj2w for updates pertaining to this vulnerability.
    Patches
    org.apache.syncope:syncope-core GHSA-vjqw-r3ww-wj2w
  • CVE-2020-7673
    In Development

    Nodejs (npm) Security Update for node-extend (GHSA-cg42-4wrc-gp47)

    Severity
    Urgent5
    Qualys ID
    981882
    Vendor Reference
    GHSA-cg42-4wrc-gp47
    CVE Reference
    CVE-2020-7673
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of the `extend` function `(A,B,as,isAargs)`, located within `lib/extend.js`, is executed by the `eval` function, resulting in code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-cg42-4wrc-gp47 for updates pertaining to this vulnerability.
    Patches
    node-extend GHSA-cg42-4wrc-gp47
  • CVE-2020-7675
    In Development

    Nodejs (npm) Security Update for cd-messenger (GHSA-v756-4whv-48vc)

    Severity
    Urgent5
    Qualys ID
    981881
    Vendor Reference
    GHSA-v756-4whv-48vc
    CVE Reference
    CVE-2020-7675
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. User input provided to the `color` argument is executed by the `eval` function, resulting in code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-v756-4whv-48vc for updates pertaining to this vulnerability.
    Patches
    cd-messenger GHSA-v756-4whv-48vc
  • CVE-2020-7674
    In Development

    Nodejs (npm) Security Update for access-policy (GHSA-fw2f-7f87-5r6c)

    Severity
    Urgent5
    Qualys ID
    981880
    Vendor Reference
    GHSA-fw2f-7f87-5r6c
    CVE Reference
    CVE-2020-7674
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the `template` function is executed by the `eval` function, resulting in code execution.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fw2f-7f87-5r6c for updates pertaining to this vulnerability.
    Patches
    access-policy GHSA-fw2f-7f87-5r6c
  • CVE-2020-11989
    In Development

    Java (maven) Security Update for org.apache.shiro:shiro-core (GHSA-72w9-fcj5-3fcg)

    Severity
    Urgent5
    Qualys ID
    981875
    Vendor Reference
    GHSA-72w9-fcj5-3fcg
    CVE Reference
    CVE-2020-11989
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    In Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-72w9-fcj5-3fcg for updates pertaining to this vulnerability.
    Patches
    org.apache.shiro:shiro-core GHSA-72w9-fcj5-3fcg
  • CVE-2020-15362
    In Development

    Nodejs (npm) Security Update for wifiscanner (GHSA-m6rw-m2v9-7hx4)

    Severity
    Urgent5
    Qualys ID
    981872
    Vendor Reference
    GHSA-m6rw-m2v9-7hx4
    CVE Reference
    CVE-2020-15362
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-m6rw-m2v9-7hx4 for updates pertaining to this vulnerability.
    Patches
    wifiscanner GHSA-m6rw-m2v9-7hx4
  • CVE-2020-7769
    In Development

    Nodejs (npm) Security Update for nodemailer (GHSA-48ww-j4fc-435p)

    Severity
    Urgent5
    Qualys ID
    981871
    Vendor Reference
    GHSA-48ww-j4fc-435p
    CVE Reference
    CVE-2020-7769
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-48ww-j4fc-435p for updates pertaining to this vulnerability.
    Patches
    nodemailer GHSA-48ww-j4fc-435p
  • CVE-2020-7714
    In Development

    Nodejs (npm) Security Update for confucious (GHSA-fmrr-mx6j-h3h5)

    Severity
    Urgent5
    Qualys ID
    981866
    Vendor Reference
    GHSA-fmrr-mx6j-h3h5
    CVE Reference
    CVE-2020-7714
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions of package confucious up to and including version 0.0.12 are vulnerable to Prototype Pollution via the set function.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-fmrr-mx6j-h3h5 for updates pertaining to this vulnerability.
    Patches
    confucious GHSA-fmrr-mx6j-h3h5
  • CVE-2020-7725
    In Development

    Nodejs (npm) Security Update for worksmith (GHSA-9829-jj5p-j6hf)

    Severity
    Urgent5
    Qualys ID
    981865
    Vendor Reference
    GHSA-9829-jj5p-j6hf
    CVE Reference
    CVE-2020-7725
    CVSS Scores
    Base 9.8 / Temporal 8.5
    Description
    All versions up to and including 1.0.0 of the package worksmith are vulnerable to Prototype Pollution via the setValue function.
    Consequence
    Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
    Solution
    Customers are advised to refer to GHSA-9829-jj5p-j6hf for updates pertaining to this vulnerability.
    Patches
    worksmith GHSA-9829-jj5p-j6hf
  • CVE-2020-7713
    In Development

    Nodejs (npm) Security Update for arr-flatten-unflatten (GHSA-w8f3-pvx4-4c3h)

    Severity
    Urgent5
    Qualys ID
    981864
    Vendor Reference