Threat and Vulnerability Intelligence Database

Description: Impact: The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, any existing injected XSS will not run.
Patches: See "Patched versions". https://github.com/ibexa/admin-ui/commit/8ec824a8cf06c566ed88e4c21cc66f7ed42649fc
Workarounds: None.
References:
Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates
Release notes: https://doc.ibexa.co/en/latest/update_and_migration/from_4.6/update_from_4.6/#v4614
https://github.com/ibexa/admin-ui/security/advisories/GHSA-8w3p-gf85-qcch
https://nvd.nist.gov/vuln/detail/CVE-2024-53864
https://github.com/advisories/GHSA-8w3p-gf85-qcch
Source: Github Advisory Database (Composer)
December 3rd, 2024 (5 months ago)
Description: Impact: This is not a vulnerability in the code per se, but included Varnish VCL templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files; see the release notes for specific instructions. Please check your web server configuration as well.
Patches: See "Patched versions". https://github.com/ezsystems/ezplatform-http-cache/commit/ca8a5cf69b2c14fbec90412aeeef5c755c51457b
Workarounds: Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets.
References:
Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates
Release notes: https://doc.ibexa.co/en/latest/update_and_migration/from_3.3/update_from_3.3/#v3341
https://github.com/ibexa/post-install/security/advisories/GHSA-4h8f-c635-25p7
https://github.com/ibexa/http-cache/security/advisories/GHSA-fh7v-q458-7vmw
https://www.breachattack.com/
https://github.com/ezsystems/ezplatform-http-cache/security/advisories/GHSA-mgfg-7533-7jf6
https://github.com/e...
Source: Github Advisory Database (Composer)
December 3rd, 2024 (5 months ago)
Description: Impact: This is not a vulnerability in the code per se, but included Varnish VCL templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files; see the release notes for specific instructions. Please check your web server configuration as well.
Patches: See "Patched versions". https://github.com/ibexa/http-cache/commit/e03f683e8db53b6d253e1af8177befeecc8d3914
Workarounds: Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets.
References:
Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates
Release notes: https://doc.ibexa.co/en/latest/update_and_migration/from_4.6/update_from_4.6/#v4614
https://github.com/ibexa/post-install/security/advisories/GHSA-4h8f-c635-25p7
https://github.com/ezsystems/ezplatform-http-cache/security/advisories/GHSA-mgfg-7533-7jf6
https://www.breachattack.com/
https://github.com/ibexa/http-cache/security/advisories/GHSA-fh7v-q458-7vmw
https://github.com/i...
Source: Github Advisory Database (Composer)
December 3rd, 2024 (5 months ago)
Description: Impact: This is not a vulnerability in the code per se, but included platform.sh Varnish VCL templates and Apache/Nginx vhost templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files; see the release notes for specific instructions.
Patches: See "Patched versions".
v1.0: https://github.com/ibexa/post-install/commit/d91cc02623dd3263a99a94ace133c95e48909e5d
v4.6: https://github.com/ibexa/post-install/commit/ae7c3c2081a862c75b90828f08bd74436ceb8fe8
Workarounds: Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets.
References:
Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates
Release notes v3.3: https://doc.ibexa.co/en/latest/update_and_migration/from_3.3/update_from_3.3/#v3341
Release notes v4.6: https://doc.ibexa.co/en/latest/update_and_migration/from_4.6/update_from_4.6/#v4614
https://github.com/ezsystems/ezplatform-http-cache/security/advisories/GHSA-mgfg-7533-7jf6
https://github.com/ibexa/http-cache/security/advisories/GHSA-fh7v-q458-7vmw
https://www.breachattack.com/
https://github.com/ezsystems/ezplatform-http-cache/security/advis...
Source: Github Advisory Database (Composer)
December 3rd, 2024 (5 months ago)
Description: Summary: When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE.
Mitigation: Remove the LIBXML_DTDLOAD | LIBXML_DTDATTR options from $options in: https://github.com/simplesamlphp/saml2/blob/717c0adc4877ebd58428637e5626345e59fa0109/src/SAML2/DOMDocumentFactory.php#L41
Background / details: To be published on Dec 8th.
References:
https://github.com/simplesamlphp/simplesamlphp/security/advisories/GHSA-j5g2-q29x-cw3h
https://github.com/simplesamlphp/xml-common/security/advisories/GHSA-2x65-fpch-2fcm
https://nvd.nist.gov/vuln/detail/CVE-2024-52596
https://github.com/advisories/GHSA-j5g2-q29x-cw3h
Source: Github Advisory Database (Composer)
December 3rd, 2024 (5 months ago)
Description: A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-36610
https://github.com/symfony/symfony/commit/3ffd495bb3cc4d2e24e35b2d83c5b909cab7e259
https://gist.github.com/1047524396/24e93f2905850235e42ad7db6e878bd5
https://github.com/symfony/symfony/blob/v7.0.3/src/Symfony/Component/VarDumper/Cloner/Stub.php#L53
https://github.com/advisories/GHSA-cg28-v4wq-whv5
Source: Github Advisory Database (Composer)
December 3rd, 2024 (5 months ago)
Description: In Symfony, a security vulnerability was identified in the FormLoginAuthenticator component, where it failed to adequately handle cases where the username or password field of a login request is empty. This flaw could lead to various security risks, including improper authentication logic handling or denial of service.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-36611
https://github.com/symfony/symfony/commit/a804ca15fcad279d7727b91d12a667fd5b925995
https://gist.github.com/1047524396/3581425e0911b716cf8ce4fa30e41e6c
https://github.com/symfony/symfony/blob/v7.0.7/src/Symfony/Component/Security/Http/Authenticator/FormLoginAuthenticator.php#L132
https://github.com/advisories/GHSA-7q22-x757-cmgc
Source: Github Advisory Database (Composer)
December 3rd, 2024 (5 months ago)
Description: Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems. "By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels of access
Source: TheHackerNews
December 3rd, 2024 (5 months ago)
Description: The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft. "Phishing emails were sent mainly through email services in Japan and Korea until early September," South Korean cybersecurity company Genians said. "Then, from mid-September,
Source: TheHackerNews
December 3rd, 2024 (5 months ago)
Description: A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT. The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded by these trojans to install stealer
Source: TheHackerNews
December 3rd, 2024 (5 months ago)