diff --git a/vulns/airflow/PYSEC-0000-airflow-GHSA-q3p4-gw7r-wqjc.yaml b/vulns/airflow/PYSEC-0000-airflow-GHSA-q3p4-gw7r-wqjc.yaml new file mode 100644 index 000000000..4af2f035e --- /dev/null +++ b/vulns/airflow/PYSEC-0000-airflow-GHSA-q3p4-gw7r-wqjc.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-airflow-GHSA-q3p4-gw7r-wqjc +modified: '2026-07-02T14:13:09.589522Z' +published: '2026-07-02T14:13:09.589522Z' +aliases: +- CVE-2019-12417 +- GHSA-q3p4-gw7r-wqjc +summary: Apache Airflow vulnerable to XSS and local file disclosure +details: A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. This also presented a Local File Disclosure vulnerability to any file readable by the webserver process. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N +- type: CVSS_V4 + score: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N +affected: +- package: + ecosystem: PyPI + name: airflow + purl: pkg:pypi/airflow + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.10.6 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2019-12417 +- type: WEB + url: https://github.com/apache/airflow/commit/caf1f264b845153b9a61b00b1a57acb7c320e743 +- type: ADVISORY + url: https://github.com/advisories/GHSA-q3p4-gw7r-wqjc +- type: PACKAGE + url: https://github.com/apache/airflow +- type: WEB + url: https://github.com/pypa/advisory-database/tree/main/vulns/apache-airflow/PYSEC-2019-216.yaml +- type: WEB + url: https://lists.apache.org/thread.html/f3aa5ff9c7cdb5424b6463c9013f6cf5db83d26c66ea77130cbbe1bc@%3Cusers.airflow.apache.org%3E +- type: PACKAGE + url: https://pypi.org/project/airflow diff --git a/vulns/ansible/PYSEC-0000-ansible-GHSA-fh5v-5f35-2rv2.yaml b/vulns/ansible/PYSEC-0000-ansible-GHSA-fh5v-5f35-2rv2.yaml new file mode 100644 index 000000000..ebc2eae7d --- /dev/null +++ b/vulns/ansible/PYSEC-0000-ansible-GHSA-fh5v-5f35-2rv2.yaml @@ -0,0 +1,46 @@ +id: PYSEC-0000-ansible-GHSA-fh5v-5f35-2rv2 +modified: '2026-07-02T14:13:16.795525Z' +published: '2026-07-02T14:13:16.795525Z' +aliases: +- CVE-2021-20180 +- GHSA-fh5v-5f35-2rv2 +summary: Insertion of Sensitive Information into Log File in ansible +details: A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N +affected: +- package: + ecosystem: PyPI + name: ansible + purl: pkg:pypi/ansible + ranges: + - type: ECOSYSTEM + events: + - introduced: 2.8.0a1 + - fixed: 2.8.19 + - introduced: 2.9.0b1 + - fixed: 2.9.18 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-20180 +- type: WEB + url: https://github.com/ansible/ansible/pull/73242 +- type: WEB + url: https://github.com/ansible/ansible/pull/73243 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1915808 +- type: PACKAGE + url: https://github.com/ansible/ansible +- type: WEB + url: https://github.com/ansible/ansible/blob/v2.8.19/changelogs/CHANGELOG-v2.8.rst +- type: WEB + url: https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst +- type: WEB + url: https://github.com/ansible/ansible/tree/v2.7.18/lib/ansible/modules/source_control +- type: WEB + url: https://github.com/ansible/ansible/tree/v2.8.0a1/lib/ansible/modules/source_control +- type: PACKAGE + url: https://pypi.org/project/ansible +- type: ADVISORY + url: https://github.com/advisories/GHSA-fh5v-5f35-2rv2 diff --git a/vulns/aodh/PYSEC-0000-aodh-GHSA-86cv-9gpx-6hwj.yaml b/vulns/aodh/PYSEC-0000-aodh-GHSA-86cv-9gpx-6hwj.yaml new file mode 100644 index 000000000..6d086213a --- /dev/null +++ b/vulns/aodh/PYSEC-0000-aodh-GHSA-86cv-9gpx-6hwj.yaml @@ -0,0 +1,48 @@ +id: PYSEC-0000-aodh-GHSA-86cv-9gpx-6hwj +modified: '2026-07-02T14:13:24.418168Z' +published: '2026-07-02T14:13:24.418168Z' +aliases: +- CVE-2017-12440 +- GHSA-86cv-9gpx-6hwj +summary: Openstack Aodh can be used to launder Keystone trusts +details: Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H +affected: +- package: + ecosystem: PyPI + name: aodh + purl: pkg:pypi/aodh + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 6.0.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2017-12440 +- type: WEB + url: https://github.com/openstack/aodh/commit/149d3ad2193b4d17df801f82a0a6be62dba564db +- type: WEB + url: https://github.com/openstack/aodh/commit/92182de328d1f088c5f5a68326d2b207b21e06ea +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:3227 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2018:0315 +- type: WEB + url: https://bugs.launchpad.net/ossn/+bug/1649333 +- type: WEB + url: https://review.openstack.org/#/c/493823 +- type: WEB + url: https://review.openstack.org/#/c/493824 +- type: WEB + url: https://review.openstack.org/#/c/493826 +- type: WEB + url: http://www.debian.org/security/2017/dsa-3953 +- type: WEB + url: http://www.securityfocus.com/bid/100455 +- type: PACKAGE + url: https://pypi.org/project/aodh +- type: ADVISORY + url: https://github.com/advisories/GHSA-86cv-9gpx-6hwj diff --git a/vulns/calibreweb/PYSEC-0000-calibreweb-GHSA-wrp6-9w7f-3wxg.yaml b/vulns/calibreweb/PYSEC-0000-calibreweb-GHSA-wrp6-9w7f-3wxg.yaml new file mode 100644 index 000000000..45240053f --- /dev/null +++ b/vulns/calibreweb/PYSEC-0000-calibreweb-GHSA-wrp6-9w7f-3wxg.yaml @@ -0,0 +1,34 @@ +id: PYSEC-0000-calibreweb-GHSA-wrp6-9w7f-3wxg +modified: '2026-07-02T14:13:14.959672Z' +published: '2026-07-02T14:13:14.959672Z' +aliases: +- CVE-2021-4170 +- GHSA-wrp6-9w7f-3wxg +summary: calibre-web is vulnerable to Cross-site Scripting +details: calibre-web is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: calibreweb + purl: pkg:pypi/calibreweb + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 0.6.15 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-4170 +- type: WEB + url: https://github.com/janeczku/calibre-web/commit/7ad419dc8c12180e842a82118f4866ac3d074bc5 +- type: WEB + url: https://github.com/janeczku/calibre-web +- type: WEB + url: https://huntr.dev/bounties/ff395101-e392-401d-ab4f-579c63fbf6a0 +- type: PACKAGE + url: https://pypi.org/project/calibreweb +- type: ADVISORY + url: https://github.com/advisories/GHSA-wrp6-9w7f-3wxg diff --git a/vulns/calibreweb/PYSEC-0000-calibreweb-GHSA-wxr6-29pv-ch68.yaml b/vulns/calibreweb/PYSEC-0000-calibreweb-GHSA-wxr6-29pv-ch68.yaml new file mode 100644 index 000000000..768ce7462 --- /dev/null +++ b/vulns/calibreweb/PYSEC-0000-calibreweb-GHSA-wxr6-29pv-ch68.yaml @@ -0,0 +1,34 @@ +id: PYSEC-0000-calibreweb-GHSA-wxr6-29pv-ch68 +modified: '2026-07-02T14:13:14.881686Z' +published: '2026-07-02T14:13:14.881686Z' +aliases: +- CVE-2021-4164 +- GHSA-wxr6-29pv-ch68 +summary: calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) +details: calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H +affected: +- package: + ecosystem: PyPI + name: calibreweb + purl: pkg:pypi/calibreweb + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 0.6.15 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-4164 +- type: WEB + url: https://github.com/janeczku/calibre-web/commit/785726deee13b4d56f6c3503dd57c1e3eb7d6f30 +- type: PACKAGE + url: https://github.com/janeczku/calibre-web +- type: WEB + url: https://huntr.dev/bounties/2debace1-a0f3-45c1-95fa-9d0512680758 +- type: PACKAGE + url: https://pypi.org/project/calibreweb +- type: ADVISORY + url: https://github.com/advisories/GHSA-wxr6-29pv-ch68 diff --git a/vulns/cheetah/PYSEC-0000-cheetah-GHSA-vxf2-7rc3-pxmx.yaml b/vulns/cheetah/PYSEC-0000-cheetah-GHSA-vxf2-7rc3-pxmx.yaml new file mode 100644 index 000000000..95a16041d --- /dev/null +++ b/vulns/cheetah/PYSEC-0000-cheetah-GHSA-vxf2-7rc3-pxmx.yaml @@ -0,0 +1,30 @@ +id: PYSEC-0000-cheetah-GHSA-vxf2-7rc3-pxmx +modified: '2026-07-02T14:13:19.492605Z' +published: '2026-07-02T14:13:19.492605Z' +aliases: +- CVE-2005-1632 +- GHSA-vxf2-7rc3-pxmx +summary: Cheetah Path Search Order Hijacking +details: Cheetah 0.9.15 and 0.9.16 searches the `/tmp` directory for modules before using the paths in the `PYTHONPATH` variable, which allows local users to execute arbitrary code via a malicious module in `/tmp/`. +severity: [] +affected: +- package: + ecosystem: PyPI + name: cheetah + purl: pkg:pypi/cheetah + ranges: + - type: ECOSYSTEM + events: + - introduced: 0.9.15 + - last_affected: 0.9.16 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2005-1632 +- type: PACKAGE + url: https://github.com/cheetahtemplate/cheetah +- type: WEB + url: https://web.archive.org/web/20050430021153/http://sourceforge.net/mailarchive/forum.php?thread_id=7070332&forum_id=1542 +- type: PACKAGE + url: https://pypi.org/project/cheetah +- type: ADVISORY + url: https://github.com/advisories/GHSA-vxf2-7rc3-pxmx diff --git a/vulns/cobbler/PYSEC-0000-cobbler-GHSA-4vc9-4xpq-77vm.yaml b/vulns/cobbler/PYSEC-0000-cobbler-GHSA-4vc9-4xpq-77vm.yaml new file mode 100644 index 000000000..39cd7d7d2 --- /dev/null +++ b/vulns/cobbler/PYSEC-0000-cobbler-GHSA-4vc9-4xpq-77vm.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-cobbler-GHSA-4vc9-4xpq-77vm +modified: '2026-07-02T14:13:24.191314Z' +published: '2026-07-02T14:13:24.191314Z' +aliases: +- CVE-2016-9605 +- GHSA-4vc9-4xpq-77vm +summary: Cobbler Arbitrary File Read +details: A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: cobbler + purl: pkg:pypi/cobbler + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 2.6.11-1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2016-9605 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9605 +- type: PACKAGE + url: https://github.com/cobbler/cobbler +- type: PACKAGE + url: https://pypi.org/project/cobbler +- type: ADVISORY + url: https://github.com/advisories/GHSA-4vc9-4xpq-77vm diff --git a/vulns/cobbler/PYSEC-0000-cobbler-GHSA-9fqr-pqc9-f7pj.yaml b/vulns/cobbler/PYSEC-0000-cobbler-GHSA-9fqr-pqc9-f7pj.yaml new file mode 100644 index 000000000..d14060fe2 --- /dev/null +++ b/vulns/cobbler/PYSEC-0000-cobbler-GHSA-9fqr-pqc9-f7pj.yaml @@ -0,0 +1,42 @@ +id: PYSEC-0000-cobbler-GHSA-9fqr-pqc9-f7pj +modified: '2026-07-02T14:13:17.843067Z' +published: '2026-07-02T14:13:17.843067Z' +aliases: +- CVE-2011-4952 +- GHSA-9fqr-pqc9-f7pj +summary: Cobbler Web Interface Lacks CSRF Protection +details: 'cobbler: Web interface lacks CSRF protection when using Django framework' +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H +affected: +- package: + ecosystem: PyPI + name: cobbler + purl: pkg:pypi/cobbler + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 2.6.0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2011-4952 +- type: WEB + url: https://github.com/cobbler/cobbler/commit/18eb1c06779b37d89dfb2962a08236dd1bab24a6 +- type: WEB + url: https://github.com/cobbler/cobbler/commit/4bee30b4086a8d845bea5d39d6f2cba1f4a396aa +- type: WEB + url: https://access.redhat.com/security/cve/cve-2011-4952 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4952 +- type: PACKAGE + url: https://github.com/cobbler/cobbler +- type: WEB + url: https://security-tracker.debian.org/tracker/CVE-2011-4952 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2012/04/12/10 +- type: PACKAGE + url: https://pypi.org/project/cobbler +- type: ADVISORY + url: https://github.com/advisories/GHSA-9fqr-pqc9-f7pj diff --git a/vulns/codechecker/PYSEC-0000-codechecker-GHSA-fxmx-pfm2-85m2.yaml b/vulns/codechecker/PYSEC-0000-codechecker-GHSA-fxmx-pfm2-85m2.yaml new file mode 100644 index 000000000..950aa833b --- /dev/null +++ b/vulns/codechecker/PYSEC-0000-codechecker-GHSA-fxmx-pfm2-85m2.yaml @@ -0,0 +1,44 @@ +id: PYSEC-0000-codechecker-GHSA-fxmx-pfm2-85m2 +modified: '2026-07-02T14:13:14.739420Z' +published: '2026-07-02T14:13:14.739420Z' +aliases: +- CVE-2021-44217 +- GHSA-fxmx-pfm2-85m2 +summary: Cross-site Scripting in Ericsson CodeChecker +details: In Ericsson CodeChecker prior to 6.18.2, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the reports viewer allows remote attackers to inject arbitrary web script or HTML via the POST JSON data of the /CodeCheckerService API. +severity: [] +affected: +- package: + ecosystem: PyPI + name: codechecker + purl: pkg:pypi/codechecker + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 6.18.2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-44217 +- type: WEB + url: https://github.com/Ericsson/codechecker/pull/3549 +- type: WEB + url: https://github.com/Ericsson/codechecker/commit/72ee51158e6d81150320223b85410c179b9ee2b1 +- type: WEB + url: https://codechecker-demo.eastus.cloudapp.azure.com +- type: PACKAGE + url: https://github.com/Ericsson/codechecker +- type: WEB + url: https://github.com/Ericsson/codechecker/releases +- type: WEB + url: https://github.com/Ericsson/codechecker/releases/tag/v6.18.2 +- type: WEB + url: https://github.com/Hyperkopite/CVE-2021-44217/blob/main/README.md +- type: WEB + url: https://github.com/pypa/advisory-database/tree/main/vulns/codechecker-api/PYSEC-2022-43181.yaml +- type: WEB + url: https://user-images.githubusercontent.com/9525971/142965091-e118b012-a7fc-4c2f-ad0c-80aeed6f7ec9.png +- type: PACKAGE + url: https://pypi.org/project/codechecker +- type: ADVISORY + url: https://github.com/advisories/GHSA-fxmx-pfm2-85m2 diff --git a/vulns/contentful/PYSEC-0000-contentful-GHSA-g5j6-r3x9-gf2m.yaml b/vulns/contentful/PYSEC-0000-contentful-GHSA-g5j6-r3x9-gf2m.yaml new file mode 100644 index 000000000..2fa6731d8 --- /dev/null +++ b/vulns/contentful/PYSEC-0000-contentful-GHSA-g5j6-r3x9-gf2m.yaml @@ -0,0 +1,30 @@ +id: PYSEC-0000-contentful-GHSA-g5j6-r3x9-gf2m +modified: '2026-07-02T14:13:10.258627Z' +published: '2026-07-02T14:13:10.258627Z' +aliases: +- CVE-2020-13258 +- GHSA-g5j6-r3x9-gf2m +summary: Cross-site scripting in Contentful +details: Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: contentful + purl: pkg:pypi/contentful + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.12.4 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2020-13258 +- type: WEB + url: https://github.com/contentful/the-example-app.py/issues/44 +- type: PACKAGE + url: https://pypi.org/project/contentful +- type: ADVISORY + url: https://github.com/advisories/GHSA-g5j6-r3x9-gf2m diff --git a/vulns/cvrf2csaf/PYSEC-0000-cvrf2csaf-GHSA-m8gq-83gh-v42v.yaml b/vulns/cvrf2csaf/PYSEC-0000-cvrf2csaf-GHSA-m8gq-83gh-v42v.yaml new file mode 100644 index 000000000..4b8b541d7 --- /dev/null +++ b/vulns/cvrf2csaf/PYSEC-0000-cvrf2csaf-GHSA-m8gq-83gh-v42v.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-cvrf2csaf-GHSA-m8gq-83gh-v42v +modified: '2026-07-02T14:13:16.551613Z' +published: '2026-07-02T14:13:16.551613Z' +aliases: +- CVE-2022-27193 +- GHSA-m8gq-83gh-v42v +summary: XML External Entities Vulnerability in CVRF-CSAF-Converter +details: CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L +affected: +- package: + ecosystem: PyPI + name: cvrf2csaf + purl: pkg:pypi/cvrf2csaf + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.0.0rc2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-27193 +- type: PACKAGE + url: https://github.com/csaf-tools/CVRF-CSAF-Converter +- type: WEB + url: https://github.com/csaf-tools/CVRF-CSAF-Converter/releases/tag/1.0.0-rc2 +- type: PACKAGE + url: https://pypi.org/project/cvrf2csaf +- type: ADVISORY + url: https://github.com/advisories/GHSA-m8gq-83gh-v42v diff --git a/vulns/django-spirit/PYSEC-0000-django-spirit-GHSA-5p9j-w2wx-qx4c.yaml b/vulns/django-spirit/PYSEC-0000-django-spirit-GHSA-5p9j-w2wx-qx4c.yaml new file mode 100644 index 000000000..8105e352b --- /dev/null +++ b/vulns/django-spirit/PYSEC-0000-django-spirit-GHSA-5p9j-w2wx-qx4c.yaml @@ -0,0 +1,34 @@ +id: PYSEC-0000-django-spirit-GHSA-5p9j-w2wx-qx4c +modified: '2026-07-02T14:13:15.599008Z' +published: '2026-07-02T14:13:15.599008Z' +aliases: +- CVE-2022-0869 +- GHSA-5p9j-w2wx-qx4c +summary: Open Redirect in django-spirit +details: django-spirit prior to version 0.12.3 is vulnerable to open redirect. In the /user/login endpoint, it doesn't check the value of the next parameter when the user is logged in and passes it directly to redirect which result to open redirect. This also affects /user/logout, /user/register, /user/login, /user/resend-activation. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: django-spirit + purl: pkg:pypi/django-spirit + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 0.12.3 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-0869 +- type: WEB + url: https://github.com/nitely/spirit/commit/8f32f89654d6c30d56e0dd167059d32146fb32ef +- type: PACKAGE + url: https://github.com/nitely/spirit +- type: WEB + url: https://huntr.dev/bounties/ed335a88-f68c-4e4d-ac85-f29a51b03342 +- type: PACKAGE + url: https://pypi.org/project/django-spirit +- type: ADVISORY + url: https://github.com/advisories/GHSA-5p9j-w2wx-qx4c diff --git a/vulns/django-tinymce/PYSEC-0000-django-tinymce-GHSA-r8hm-w5f7-wj39.yaml b/vulns/django-tinymce/PYSEC-0000-django-tinymce-GHSA-r8hm-w5f7-wj39.yaml new file mode 100644 index 000000000..85889e55d --- /dev/null +++ b/vulns/django-tinymce/PYSEC-0000-django-tinymce-GHSA-r8hm-w5f7-wj39.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-django-tinymce-GHSA-r8hm-w5f7-wj39 +modified: '2026-07-02T14:13:13.735617Z' +published: '2026-07-02T14:13:13.735617Z' +aliases: +- CVE-2024-21910 +- GHSA-r8hm-w5f7-wj39 +summary: Cross-site scripting vulnerability in TinyMCE plugins +details: "### Impact\nA cross-site scripting (XSS) vulnerability was discovered in the URL processing logic of the `image` and `link` plugins. The vulnerability allowed arbitrary JavaScript execution when updating an image or link using a specially crafted URL. This issue only impacted users while editing and the dangerous URLs were stripped in any content extracted from the editor. This impacts all users who are using TinyMCE 5.9.2 or lower.\n\n### Patches\nThis vulnerability has been patched in TinyMCE 5.10.0 by improved sanitization logic when updating URLs in the relevant plugins.\n\n### Workarounds\nTo work around this vulnerability, either:\n- Upgrade to TinyMCE 5.10.0 or higher\n- Disable the `image` and `link` plugins\n\n### Acknowledgements\nTiny Technologies would like to thank Yakir6 for discovering this vulnerability.\n\n### References\nhttps://www.tiny.cloud/docs/release-notes/release-notes510/#securityfixes\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email us at [infosec@tiny.cloud](mailto:infosec@tiny.cloud)\n* Open an issue in the [TinyMCE repo](https://github.com/tinymce/tinymce/issues)" +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: django-tinymce + purl: pkg:pypi/django-tinymce + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 3.4.0 +references: +- type: WEB + url: https://github.com/tinymce/tinymce/security/advisories/GHSA-r8hm-w5f7-wj39 +- type: WEB + url: https://github.com/jazzband/django-tinymce/issues/366 +- type: WEB + url: https://github.com/jazzband/django-tinymce/releases/tag/3.4.0 +- type: PACKAGE + url: https://github.com/tinymce/tinymce +- type: WEB + url: https://pypi.org/project/django-tinymce/3.4.0 +- type: PACKAGE + url: https://pypi.org/project/django-tinymce +- type: ADVISORY + url: https://github.com/advisories/GHSA-r8hm-w5f7-wj39 +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2024-21910 diff --git a/vulns/django/PYSEC-0000-django-GHSA-6c3j-c64m-qhgq.yaml b/vulns/django/PYSEC-0000-django-GHSA-6c3j-c64m-qhgq.yaml new file mode 100644 index 000000000..ea6de3937 --- /dev/null +++ b/vulns/django/PYSEC-0000-django-GHSA-6c3j-c64m-qhgq.yaml @@ -0,0 +1,248 @@ +id: PYSEC-0000-django-GHSA-6c3j-c64m-qhgq +modified: '2026-07-02T14:13:09.430399Z' +published: '2026-07-02T14:13:09.430399Z' +aliases: +- CVE-2019-11358 +- GHSA-6c3j-c64m-qhgq +summary: XSS in jQuery as used in Drupal, Backdrop CMS, and other products +details: jQuery from 1.1.4 until 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles `jQuery.extend(true, {}, ...)` because of `Object.prototype` pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native `Object.prototype`. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: django + purl: pkg:pypi/django + ranges: + - type: ECOSYSTEM + events: + - introduced: 2.0a1 + - fixed: 2.1.9 + - introduced: 2.2a1 + - fixed: 2.2.2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2019-11358 +- type: WEB + url: https://github.com/maximebf/php-debugbar/issues/447 +- type: WEB + url: https://github.com/jquery/jquery/pull/4333 +- type: WEB + url: https://github.com/maximebf/php-debugbar/commit/847216e60544258c881f2733d699bbcfeefac0fc +- type: WEB + url: https://github.com/django/django/commit/34ec52269ade54af31a021b12969913129571a3f +- type: WEB + url: https://github.com/django/django/commit/95649bc08547a878cebfa1d019edec8cb1b80829 +- type: WEB + url: https://github.com/django/django/commit/baaf187a4e354bf3976c51e2c83a0d2f8ee6e6ad +- type: WEB + url: https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5 +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5 +- type: WEB + url: https://seclists.org/bugtraq/2019/Apr/32 +- type: WEB + url: https://seclists.org/bugtraq/2019/Jun/12 +- type: WEB + url: https://seclists.org/bugtraq/2019/May/18 +- type: WEB + url: https://www.tenable.com/security/tns-2020-02 +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA +- type: WEB + url: https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html +- type: WEB + url: https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html +- type: WEB + url: https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html +- type: WEB + url: https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html +- type: WEB + url: https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d@%3Cissues.flink.apache.org%3E +- type: WEB + url: https://www.tenable.com/security/tns-2019-08 +- type: WEB + url: https://www.synology.com/security/advisory/Synology_SA_19_19 +- type: WEB + url: https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery +- type: WEB + url: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html +- type: WEB + url: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpuoct2021.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpuoct2020.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpujul2020.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpujan2022.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpujan2021.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpujan2020.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpuapr2020.html +- type: WEB + url: https://www.oracle.com/security-alerts/cpuApr2021.html +- type: WEB + url: https://www.oracle.com//security-alerts/cpujul2021.html +- type: WEB + url: https://www.drupal.org/sa-core-2019-006 +- type: WEB + url: https://www.djangoproject.com/weblog/2019/jun/03/security-releases +- type: WEB + url: https://www.debian.org/security/2019/dsa-4460 +- type: WEB + url: https://www.debian.org/security/2019/dsa-4434 +- type: WEB + url: https://web.archive.org/web/20190824065237/http://www.securityfocus.com/bid/108023 +- type: WEB + url: https://supportportal.juniper.net/s/article/2021-07-Security-Bulletin-Junos-OS-Multiple-J-Web-vulnerabilities-resolved-in-Junos-OS-21-2R1 +- type: WEB + url: https://snyk.io/vuln/SNYK-JS-JQUERY-174006 +- type: WEB + url: https://security.snyk.io/vuln/SNYK-DOTNET-JQUERY-450226 +- type: WEB + url: https://security.netapp.com/advisory/ntap-20190919-0001 +- type: WEB + url: https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7%40%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f%40%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844%40%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc%40%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44601 +- type: WEB + url: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-rails/CVE-2019-11358.yml +- type: WEB + url: https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#434 +- type: PACKAGE + url: https://github.com/jquery/jquery +- type: WEB + url: https://blog.jquery.com/2019/04/10/jquery-3-4-0-released +- type: WEB + url: https://backdropcms.org/security/backdrop-sa-core-2019-009 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2019:3024 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2019:3023 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2019:2587 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2019:1456 +- type: WEB + url: https://access.redhat.com/errata/RHBA-2019:1570 +- type: WEB + url: https://lists.apache.org/thread.html/rac25da84ecdcd36f6de5ad0d255f4e967209bbbebddb285e231da37d%40%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73@%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r7e8ebccb7c022e41295f6fdb7b971209b83702339f872ddd8cf8bf73%40%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734@%3Cdev.storm.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r7d64895cc4dff84d0becfc572b20c0e4bf9bfa7b10c6f5f73e783734%40%3Cdev.storm.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355@%3Cdev.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r7aac081cbddb6baa24b75e74abf0929bf309b176755a53e3ed810355%40%3Cdev.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08@%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r41b5bfe009c845f67d4f68948cc9419ac2d62e287804aafd72892b08%40%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766@%3Cdev.syncope.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r38f0d1aa3c923c22977fe7376508f030f22e22c1379fbb155bf29766%40%3Cdev.syncope.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa@%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r2baacab6e0acb5a2092eb46ae04fd6c3e8277b4fd79b1ffb7f3254fa%40%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9@%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/r2041a75d3fc09dec55adfd95d598b38d22715303f65c997c054844c9%40%3Cissues.flink.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6%40%3Ccommits.roller.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E +- type: WEB + url: https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205%40%3Ccommits.airflow.apache.org%3E +- type: WEB + url: http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html +- type: WEB + url: http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html +- type: WEB + url: http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html +- type: WEB + url: http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html +- type: WEB + url: http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html +- type: WEB + url: http://seclists.org/fulldisclosure/2019/May/10 +- type: WEB + url: http://seclists.org/fulldisclosure/2019/May/11 +- type: WEB + url: http://seclists.org/fulldisclosure/2019/May/13 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2019/06/03/2 +- type: WEB + url: http://www.securityfocus.com/bid/108023 +- type: PACKAGE + url: https://pypi.org/project/django +- type: ADVISORY + url: https://github.com/advisories/GHSA-6c3j-c64m-qhgq diff --git a/vulns/django/PYSEC-0000-django-GHSA-mwv2-398h-v489.yaml b/vulns/django/PYSEC-0000-django-GHSA-mwv2-398h-v489.yaml new file mode 100644 index 000000000..45c68344d --- /dev/null +++ b/vulns/django/PYSEC-0000-django-GHSA-mwv2-398h-v489.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-django-GHSA-mwv2-398h-v489 +modified: '2026-07-02T14:13:19.912742Z' +published: '2026-07-02T14:13:19.912742Z' +aliases: +- CVE-2007-0405 +- GHSA-mwv2-398h-v489 +summary: Django Improper Access Control +details: The LazyUser class in the AuthenticationMiddleware for Django 0.95 does not properly cache the user name across requests, which allows remote authenticated users to gain the privileges of a different user. +severity: [] +affected: +- package: + ecosystem: PyPI + name: django + purl: pkg:pypi/django + ranges: + - type: ECOSYSTEM + events: + - introduced: '0.95' + - fixed: '1.0' + versions: + - '0.95' +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2007-0405 +- type: WEB + url: https://github.com/django/django/commit/3c5782287e +- type: WEB + url: https://github.com/django/django/commit/e89f0a65581f82a5740bfe989136cea75d09cd67 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/31628 +- type: PACKAGE + url: https://github.com/django/django +- type: WEB + url: http://code.djangoproject.com/changeset/3754 +- type: PACKAGE + url: https://pypi.org/project/django +- type: ADVISORY + url: https://github.com/advisories/GHSA-mwv2-398h-v489 diff --git a/vulns/django/PYSEC-0000-django-GHSA-qc99-g3wm-hgxr.yaml b/vulns/django/PYSEC-0000-django-GHSA-qc99-g3wm-hgxr.yaml new file mode 100644 index 000000000..b339ad8f8 --- /dev/null +++ b/vulns/django/PYSEC-0000-django-GHSA-qc99-g3wm-hgxr.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-django-GHSA-qc99-g3wm-hgxr +modified: '2026-07-02T14:13:20.006998Z' +published: '2026-07-02T14:13:20.006998Z' +aliases: +- CVE-2007-0404 +- GHSA-qc99-g3wm-hgxr +summary: Django Arbitrary Code Execution +details: '`bin/compile-messages.py` in Django 0.95 does not quote argument strings before invoking the msgfmt program through the os.system function, which allows attackers to execute arbitrary commands via shell metacharacters in a (1) .po or (2) .mo file.' +severity: [] +affected: +- package: + ecosystem: PyPI + name: django + purl: pkg:pypi/django + ranges: + - type: ECOSYSTEM + events: + - introduced: '0.95' + - fixed: '1.0' + versions: + - '0.95' +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2007-0404 +- type: WEB + url: https://github.com/django/django/commit/518d406e53 +- type: WEB + url: https://github.com/django/django/commit/a132d411c6986418ee6c0edc331080aa792fee6e +- type: WEB + url: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=407519 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/31627 +- type: PACKAGE + url: https://github.com/django/django +- type: WEB + url: http://code.djangoproject.com/changeset/3592 +- type: PACKAGE + url: https://pypi.org/project/django +- type: ADVISORY + url: https://github.com/advisories/GHSA-qc99-g3wm-hgxr diff --git a/vulns/duplicity/PYSEC-0000-duplicity-GHSA-wxcw-rqxc-hj85.yaml b/vulns/duplicity/PYSEC-0000-duplicity-GHSA-wxcw-rqxc-hj85.yaml new file mode 100644 index 000000000..c370dd063 --- /dev/null +++ b/vulns/duplicity/PYSEC-0000-duplicity-GHSA-wxcw-rqxc-hj85.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-duplicity-GHSA-wxcw-rqxc-hj85 +modified: '2026-07-02T14:13:20.444898Z' +published: '2026-07-02T14:13:20.444898Z' +aliases: +- CVE-2007-5201 +- GHSA-wxcw-rqxc-hj85 +summary: FTP backend for Duplicity Discloses Passwords to Process Listing +details: The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments. +severity: [] +affected: +- package: + ecosystem: PyPI + name: duplicity + purl: pkg:pypi/duplicity + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 0.4.9 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2007-5201 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=293081 +- type: PACKAGE + url: https://gitlab.com/duplicity/duplicity +- type: WEB + url: https://web.archive.org/web/20080118045107/https://duplicity.nongnu.org/CHANGELOG +- type: WEB + url: https://web.archive.org/web/20200228164800/http://www.securityfocus.com/bid/27771 +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00356.html +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00445.html +- type: WEB + url: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840 +- type: PACKAGE + url: https://pypi.org/project/duplicity +- type: ADVISORY + url: https://github.com/advisories/GHSA-wxcw-rqxc-hj85 diff --git a/vulns/elastic-apm/PYSEC-0000-elastic-apm-GHSA-r562-m862-63w3.yaml b/vulns/elastic-apm/PYSEC-0000-elastic-apm-GHSA-r562-m862-63w3.yaml new file mode 100644 index 000000000..29ab5513d --- /dev/null +++ b/vulns/elastic-apm/PYSEC-0000-elastic-apm-GHSA-r562-m862-63w3.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-elastic-apm-GHSA-r562-m862-63w3 +modified: '2026-07-02T14:13:14.213376Z' +published: '2026-07-02T14:13:14.213376Z' +aliases: +- CVE-2021-37941 +- GHSA-r562-m862-63w3 +summary: APM Java Agent Local Privilege Escalation +details: A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of permissions than they possess. This vulnerability affects users that have set up the agent via the attacher cli 3, the attach API 2, as well as users that have enabled the profiling_inferred_spans_enabled option +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H +affected: +- package: + ecosystem: PyPI + name: elastic-apm + purl: pkg:pypi/elastic-apm + ranges: + - type: ECOSYSTEM + events: + - introduced: 1.10.0 + - fixed: 1.27.0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-37941 +- type: WEB + url: https://discuss.elastic.co/t/apm-java-agent-security-update/289627 +- type: PACKAGE + url: https://github.com/elastic/apm-agent-python +- type: PACKAGE + url: https://pypi.org/project/elastic-apm +- type: ADVISORY + url: https://github.com/advisories/GHSA-r562-m862-63w3 diff --git a/vulns/flask-appbuilder/PYSEC-0000-flask-appbuilder-GHSA-2ccw-7px8-vmpf.yaml b/vulns/flask-appbuilder/PYSEC-0000-flask-appbuilder-GHSA-2ccw-7px8-vmpf.yaml new file mode 100644 index 000000000..a69653433 --- /dev/null +++ b/vulns/flask-appbuilder/PYSEC-0000-flask-appbuilder-GHSA-2ccw-7px8-vmpf.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-flask-appbuilder-GHSA-2ccw-7px8-vmpf +modified: '2026-07-02T14:13:17.201505Z' +published: '2026-07-02T14:13:17.201505Z' +aliases: +- CVE-2022-24776 +- GHSA-2ccw-7px8-vmpf +summary: Open Redirect in Flask-AppBuilder +details: "Flask-AppBuilder is an application development framework built on top of Flask. Versions prior to 3.4.5 contain an open redirect vulnerability when using the database authentication login page. There are no known workarounds. Users are recommended to upgrade to version 3.4.5 or later.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [Flask-AppBuilder](https://github.com/dpgaspar/Flask-AppBuilder)\n" +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: flask-appbuilder + purl: pkg:pypi/flask-appbuilder + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 3.4.5 +references: +- type: WEB + url: https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-2ccw-7px8-vmpf +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-24776 +- type: WEB + url: https://github.com/dpgaspar/Flask-AppBuilder/pull/1804 +- type: WEB + url: https://github.com/dpgaspar/Flask-AppBuilder/pull/1804/commits/5214d975ebad2ff32057443d2cc20fef1c04d0ea +- type: PACKAGE + url: https://github.com/dpgaspar/Flask-AppBuilder +- type: WEB + url: https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v3.4.5 +- type: PACKAGE + url: https://pypi.org/project/flask-appbuilder +- type: ADVISORY + url: https://github.com/advisories/GHSA-2ccw-7px8-vmpf diff --git a/vulns/freeipa/PYSEC-0000-freeipa-GHSA-7hpj-hfcr-5qwm.yaml b/vulns/freeipa/PYSEC-0000-freeipa-GHSA-7hpj-hfcr-5qwm.yaml new file mode 100644 index 000000000..d81eb68e9 --- /dev/null +++ b/vulns/freeipa/PYSEC-0000-freeipa-GHSA-7hpj-hfcr-5qwm.yaml @@ -0,0 +1,54 @@ +id: PYSEC-0000-freeipa-GHSA-7hpj-hfcr-5qwm +modified: '2026-07-02T14:13:14.030552Z' +published: '2026-07-02T14:13:14.030552Z' +aliases: +- CVE-2019-14867 +- GHSA-7hpj-hfcr-5qwm +summary: Code injection in FreeIPA +details: A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger parsing of the krb principal key could cause the IPA server to crash or in some conditions, cause arbitrary code to be executed on the server hosting the IPA server. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H +- type: CVSS_V4 + score: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N +affected: +- package: + ecosystem: PyPI + name: freeipa + purl: pkg:pypi/freeipa + ranges: + - type: ECOSYSTEM + events: + - introduced: 4.6.2 + - fixed: 4.6.7 + - introduced: 4.7.0 + - fixed: 4.7.4 + - introduced: 4.8.0 + - fixed: 4.8.3 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2019-14867 +- type: WEB + url: https://access.redhat.com/errata/RHBA-2019:4268 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2020:0378 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14867 +- type: ADVISORY + url: https://github.com/advisories/GHSA-7hpj-hfcr-5qwm +- type: WEB + url: https://github.com/pypa/advisory-database/tree/main/vulns/ipa/PYSEC-2019-28.yaml +- type: WEB + url: https://github.com/pypa/advisory-db/tree/main/vulns/ipa/PYSEC-2019-28.yaml +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/67SEUWJAJ5RMH5K4Q6TS2I7HIMXUGNKF +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLFL5XDCJ3WT6JCLCQVKHZBLHGW7PW4T +- type: WEB + url: https://www.freeipa.org/page/Releases/4.6.7 +- type: WEB + url: https://www.freeipa.org/page/Releases/4.7.4 +- type: WEB + url: https://www.freeipa.org/page/Releases/4.8.3 +- type: PACKAGE + url: https://pypi.org/project/freeipa diff --git a/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-7cr9-rmqr-fpqp.yaml b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-7cr9-rmqr-fpqp.yaml new file mode 100644 index 000000000..a8ab2848e --- /dev/null +++ b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-7cr9-rmqr-fpqp.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-freetakserver-ui-GHSA-7cr9-rmqr-fpqp +modified: '2026-07-02T14:13:16.273228Z' +published: '2026-07-02T14:13:16.273228Z' +aliases: +- CVE-2022-25511 +- GHSA-7cr9-rmqr-fpqp +summary: Path traversal in FreeTAKServer-UI +details: An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N +affected: +- package: + ecosystem: PyPI + name: freetakserver-ui + purl: pkg:pypi/freetakserver-ui + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.9.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-25511 +- type: WEB + url: https://github.com/FreeTAKTeam/UI/issues/29 +- type: PACKAGE + url: https://github.com/FreeTAKTeam/UI +- type: PACKAGE + url: https://pypi.org/project/freetakserver-ui +- type: ADVISORY + url: https://github.com/advisories/GHSA-7cr9-rmqr-fpqp diff --git a/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-9988-f88m-mr42.yaml b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-9988-f88m-mr42.yaml new file mode 100644 index 000000000..a53bedc5f --- /dev/null +++ b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-9988-f88m-mr42.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-freetakserver-ui-GHSA-9988-f88m-mr42 +modified: '2026-07-02T14:13:16.124889Z' +published: '2026-07-02T14:13:16.124889Z' +aliases: +- CVE-2022-25512 +- GHSA-9988-f88m-mr42 +summary: Exposure of Sensitive Information to an Unauthorized Actor in FreeTAKServer-UI +details: FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N +affected: +- package: + ecosystem: PyPI + name: freetakserver-ui + purl: pkg:pypi/freetakserver-ui + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.9.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-25512 +- type: WEB + url: https://github.com/FreeTAKTeam/UI/issues/26 +- type: PACKAGE + url: https://github.com/FreeTAKTeam/UI +- type: PACKAGE + url: https://pypi.org/project/freetakserver-ui +- type: ADVISORY + url: https://github.com/advisories/GHSA-9988-f88m-mr42 diff --git a/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-gjh6-wvhq-h4qx.yaml b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-gjh6-wvhq-h4qx.yaml new file mode 100644 index 000000000..1bc34c4df --- /dev/null +++ b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-gjh6-wvhq-h4qx.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-freetakserver-ui-GHSA-gjh6-wvhq-h4qx +modified: '2026-07-02T14:13:16.200355Z' +published: '2026-07-02T14:13:16.200355Z' +aliases: +- CVE-2022-25507 +- GHSA-gjh6-wvhq-h4qx +summary: Cross-site Scripting in FreeTAKServer-UI +details: FreeTAKServer-UI v1.9.8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Callsign parameter. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: freetakserver-ui + purl: pkg:pypi/freetakserver-ui + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.9.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-25507 +- type: WEB + url: https://github.com/FreeTAKTeam/UI/issues/28 +- type: PACKAGE + url: https://github.com/FreeTAKTeam/UI +- type: PACKAGE + url: https://pypi.org/project/freetakserver-ui +- type: ADVISORY + url: https://github.com/advisories/GHSA-gjh6-wvhq-h4qx diff --git a/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-jr2m-29wj-w9qc.yaml b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-jr2m-29wj-w9qc.yaml new file mode 100644 index 000000000..995270a58 --- /dev/null +++ b/vulns/freetakserver-ui/PYSEC-0000-freetakserver-ui-GHSA-jr2m-29wj-w9qc.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-freetakserver-ui-GHSA-jr2m-29wj-w9qc +modified: '2026-07-02T14:13:16.036947Z' +published: '2026-07-02T14:13:16.036947Z' +aliases: +- CVE-2022-25506 +- GHSA-jr2m-29wj-w9qc +summary: SQL Injection in FreeTAKServer-UI +details: FreeTAKServer-UI v1.9.8 was discovered to contain a SQL injection vulnerability via the API endpoint /AuthenticateUser. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N +affected: +- package: + ecosystem: PyPI + name: freetakserver-ui + purl: pkg:pypi/freetakserver-ui + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.9.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-25506 +- type: WEB + url: https://github.com/FreeTAKTeam/UI/issues/27 +- type: PACKAGE + url: https://github.com/FreeTAKTeam/UI +- type: PACKAGE + url: https://pypi.org/project/freetakserver-ui +- type: ADVISORY + url: https://github.com/advisories/GHSA-jr2m-29wj-w9qc diff --git a/vulns/horizon/PYSEC-0000-horizon-GHSA-8g68-2hcj-h8vg.yaml b/vulns/horizon/PYSEC-0000-horizon-GHSA-8g68-2hcj-h8vg.yaml new file mode 100644 index 000000000..2d556a65e --- /dev/null +++ b/vulns/horizon/PYSEC-0000-horizon-GHSA-8g68-2hcj-h8vg.yaml @@ -0,0 +1,60 @@ +id: PYSEC-0000-horizon-GHSA-8g68-2hcj-h8vg +modified: '2026-07-02T14:13:23.057018Z' +published: '2026-07-02T14:13:23.057018Z' +aliases: +- CVE-2014-3594 +- GHSA-8g68-2hcj-h8vg +summary: OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability in the Host Aggregates interface +details: Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name. +severity: [] +affected: +- package: + ecosystem: PyPI + name: horizon + purl: pkg:pypi/horizon + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2014-3594 +- type: WEB + url: https://github.com/openstack/horizon/commit/ba2c98aea0db0d03200c811b86b3efe8367f3905 +- type: WEB + url: https://github.com/openstack/horizon/commit/ba908ae88d5925f4f6783eb234cc4ea95017472b +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1188 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1335 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1336 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2014-3594 +- type: WEB + url: https://bugs.launchpad.net/horizon/+bug/1349491 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1129774 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/95378 +- type: WEB + url: https://review.openstack.org/#/c/115310 +- type: WEB + url: https://review.openstack.org/#/c/115311 +- type: WEB + url: https://review.openstack.org/#/c/115313 +- type: WEB + url: http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2014-1335.html +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2014-1336.html +- type: WEB + url: http://seclists.org/oss-sec/2014/q3/413 +- type: WEB + url: http://www.securityfocus.com/bid/69291 +- type: PACKAGE + url: https://pypi.org/project/horizon +- type: ADVISORY + url: https://github.com/advisories/GHSA-8g68-2hcj-h8vg diff --git a/vulns/horizon/PYSEC-0000-horizon-GHSA-8vwv-2v7v-jmgr.yaml b/vulns/horizon/PYSEC-0000-horizon-GHSA-8vwv-2v7v-jmgr.yaml new file mode 100644 index 000000000..c0b6abd99 --- /dev/null +++ b/vulns/horizon/PYSEC-0000-horizon-GHSA-8vwv-2v7v-jmgr.yaml @@ -0,0 +1,48 @@ +id: PYSEC-0000-horizon-GHSA-8vwv-2v7v-jmgr +modified: '2026-07-02T14:13:23.188473Z' +published: '2026-07-02T14:13:23.188473Z' +aliases: +- CVE-2014-3473 +- GHSA-8vwv-2v7v-jmgr +summary: Horizon-Orchestration Cross-site scripting (XSS) vulnerability through resource name +details: Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in the Horizon Orchestration dashboard in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2, when used with Heat, allows remote Orchestration template owners or catalogs to inject arbitrary web script or HTML via a crafted template. +severity: [] +affected: +- package: + ecosystem: PyPI + name: horizon + purl: pkg:pypi/horizon + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2014-3473 +- type: WEB + url: https://github.com/openstack/horizon/commit/c844bd692894353c60b320005b804970605e910f +- type: WEB + url: https://github.com/openstack/horizon/commit/de4466d88b816437fb29eff5ab23b9b964cd3985 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:0939 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1188 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2014-3473 +- type: WEB + url: https://bugs.launchpad.net/horizon/+bug/1308727 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1116090 +- type: PACKAGE + url: https://opendev.org/openstack/horizon +- type: WEB + url: http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html +- type: WEB + url: http://www.openwall.com/lists/oss-security/2014/07/08/6 +- type: WEB + url: http://www.securityfocus.com/bid/68459 +- type: PACKAGE + url: https://pypi.org/project/horizon +- type: ADVISORY + url: https://github.com/advisories/GHSA-8vwv-2v7v-jmgr diff --git a/vulns/horizon/PYSEC-0000-horizon-GHSA-grm6-x6mr-q3cv.yaml b/vulns/horizon/PYSEC-0000-horizon-GHSA-grm6-x6mr-q3cv.yaml new file mode 100644 index 000000000..6c41a589d --- /dev/null +++ b/vulns/horizon/PYSEC-0000-horizon-GHSA-grm6-x6mr-q3cv.yaml @@ -0,0 +1,64 @@ +id: PYSEC-0000-horizon-GHSA-grm6-x6mr-q3cv +modified: '2026-07-02T14:13:22.820828Z' +published: '2026-07-02T14:13:22.820828Z' +aliases: +- CVE-2016-4428 +- GHSA-grm6-x6mr-q3cv +summary: OpenStack Dashboard (Horizon) Cross-site scripting (XSS) vulnerability +details: Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: horizon + purl: pkg:pypi/horizon + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.2 + - introduced: 9.0.0 + - fixed: 9.1.0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2016-4428 +- type: WEB + url: https://github.com/openstack/horizon/commit/62b4e6f30a7ae7961805abdffdb3c7ae5c2b676a +- type: WEB + url: https://github.com/openstack/horizon/commit/d585e5eb9acf92d10d39b6c2038917a7e8ac71bb +- type: WEB + url: https://github.com/openstack/horizon/commit/fc8d70560401f3985e5672a4c580f10d51e985a4 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2016:1268 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2016:1269 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2016:1270 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2016:1271 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2016:1272 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2016-4428 +- type: WEB + url: https://bugs.launchpad.net/horizon/+bug/1567673 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1343982 +- type: WEB + url: https://review.openstack.org/329996 +- type: WEB + url: https://review.openstack.org/329997 +- type: WEB + url: https://review.openstack.org/329998 +- type: WEB + url: https://security.openstack.org/ossa/OSSA-2016-010.html +- type: WEB + url: http://www.debian.org/security/2016/dsa-3617 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2016/06/17/4 +- type: PACKAGE + url: https://pypi.org/project/horizon +- type: ADVISORY + url: https://github.com/advisories/GHSA-grm6-x6mr-q3cv diff --git a/vulns/horizon/PYSEC-0000-horizon-GHSA-j57p-g33w-95c5.yaml b/vulns/horizon/PYSEC-0000-horizon-GHSA-j57p-g33w-95c5.yaml new file mode 100644 index 000000000..40925f134 --- /dev/null +++ b/vulns/horizon/PYSEC-0000-horizon-GHSA-j57p-g33w-95c5.yaml @@ -0,0 +1,54 @@ +id: PYSEC-0000-horizon-GHSA-j57p-g33w-95c5 +modified: '2026-07-02T14:13:23.115590Z' +published: '2026-07-02T14:13:23.115590Z' +aliases: +- CVE-2014-3474 +- GHSA-j57p-g33w-95c5 +summary: OpenStack Horizon Cross-site scripting (XSS) vulnerability +details: Cross-site scripting (XSS) vulnerability in `horizon/static/horizon/js/horizon.instances.js` in the Launch Instance menu in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to inject arbitrary web script or HTML via a network name. +severity: [] +affected: +- package: + ecosystem: PyPI + name: horizon + purl: pkg:pypi/horizon + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2014-3474 +- type: WEB + url: https://github.com/openstack/horizon/commit/32a7b713468161282f2ea01d5e2faff980d924cd +- type: WEB + url: https://github.com/openstack/horizon/commit/c844bd692894353c60b320005b804970605e910f +- type: WEB + url: https://github.com/openstack/horizon/commit/de4466d88b816437fb29eff5ab23b9b964cd3985 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:0939 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1188 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2014-3474 +- type: WEB + url: https://bugs.launchpad.net/horizon/+bug/1322197 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1116090 +- type: PACKAGE + url: https://opendev.org/openstack/horizon +- type: WEB + url: https://review.opendev.org/c/openstack/horizon/+/105476 +- type: WEB + url: https://review.openstack.org/#/c/105477 +- type: WEB + url: http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html +- type: WEB + url: http://www.openwall.com/lists/oss-security/2014/07/08/6 +- type: WEB + url: http://www.securityfocus.com/bid/68460 +- type: PACKAGE + url: https://pypi.org/project/horizon +- type: ADVISORY + url: https://github.com/advisories/GHSA-j57p-g33w-95c5 diff --git a/vulns/instack-undercloud/PYSEC-0000-instack-undercloud-GHSA-53wm-97p6-582f.yaml b/vulns/instack-undercloud/PYSEC-0000-instack-undercloud-GHSA-53wm-97p6-582f.yaml new file mode 100644 index 000000000..da1117803 --- /dev/null +++ b/vulns/instack-undercloud/PYSEC-0000-instack-undercloud-GHSA-53wm-97p6-582f.yaml @@ -0,0 +1,50 @@ +id: PYSEC-0000-instack-undercloud-GHSA-53wm-97p6-582f +modified: '2026-07-02T14:13:22.649014Z' +published: '2026-07-02T14:13:22.649014Z' +aliases: +- CVE-2017-7549 +- GHSA-53wm-97p6-582f +summary: instack-undercloud vulnerable to symlink attack on tmp files +details: A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Oacta, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: instack-undercloud + purl: pkg:pypi/instack-undercloud + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 7.2.0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2017-7549 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2557 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2649 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2687 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2693 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2726 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2017-7549 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1477403 +- type: WEB + url: https://github.com/pypa/advisory-database/tree/main/vulns/instack/PYSEC-2017-152.yaml +- type: WEB + url: https://opendev.org/openstack/instack-undercloud +- type: WEB + url: https://web.archive.org/web/20170907040549/http://www.securityfocus.com/bid/100407 +- type: WEB + url: http://www.securityfocus.com/bid/100407 +- type: PACKAGE + url: https://pypi.org/project/instack-undercloud +- type: ADVISORY + url: https://github.com/advisories/GHSA-53wm-97p6-582f diff --git a/vulns/ironic/PYSEC-0000-ironic-GHSA-f7cr-7c2c-fm8r.yaml b/vulns/ironic/PYSEC-0000-ironic-GHSA-f7cr-7c2c-fm8r.yaml new file mode 100644 index 000000000..57ccd9631 --- /dev/null +++ b/vulns/ironic/PYSEC-0000-ironic-GHSA-f7cr-7c2c-fm8r.yaml @@ -0,0 +1,56 @@ +id: PYSEC-0000-ironic-GHSA-f7cr-7c2c-fm8r +modified: '2026-07-02T14:13:22.984032Z' +published: '2026-07-02T14:13:22.984032Z' +aliases: +- CVE-2016-4985 +- GHSA-f7cr-7c2c-fm8r +summary: OpenStack Ironic Exposure of Sensitive Information to an Unauthorized Actor +details: The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the `v1/drivers/$DRIVER_NAME/vendor_passthru` resource. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N +affected: +- package: + ecosystem: PyPI + name: ironic + purl: pkg:pypi/ironic + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 4.2.5 + - introduced: '5.0' + - fixed: 5.1.2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2016-4985 +- type: WEB + url: https://github.com/openstack/ironic/commit/426a306fb580762e97ada04e1253dedd9b64d410 +- type: WEB + url: https://github.com/openstack/ironic/commit/affec224977174581d19a2b914772cb0409f633e +- type: WEB + url: https://github.com/openstack/ironic/commit/f5a3ff1dfcde068769f9a2a477ba6a9edaf69c77 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2016:1377 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2016:1378 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2016-4985 +- type: WEB + url: https://bugs.launchpad.net/ironic/+bug/1572796 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1346193 +- type: PACKAGE + url: https://github.com/openstack/ironic +- type: WEB + url: https://review.openstack.org/332195 +- type: WEB + url: https://review.openstack.org/332196 +- type: WEB + url: https://review.openstack.org/332197 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2016/06/21/6 +- type: PACKAGE + url: https://pypi.org/project/ironic +- type: ADVISORY + url: https://github.com/advisories/GHSA-f7cr-7c2c-fm8r diff --git a/vulns/jupyterhub/PYSEC-0000-jupyterhub-GHSA-rv62-4pmj-xw6h.yaml b/vulns/jupyterhub/PYSEC-0000-jupyterhub-GHSA-rv62-4pmj-xw6h.yaml new file mode 100644 index 000000000..a17ec39de --- /dev/null +++ b/vulns/jupyterhub/PYSEC-0000-jupyterhub-GHSA-rv62-4pmj-xw6h.yaml @@ -0,0 +1,44 @@ +id: PYSEC-0000-jupyterhub-GHSA-rv62-4pmj-xw6h +modified: '2026-07-02T14:13:09.322452Z' +published: '2026-07-02T14:13:09.322452Z' +aliases: +- CVE-2019-10255 +- GHSA-rv62-4pmj-xw6h +summary: Open Redirect vulnerability in jupyterhub and notebook +details: An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.8 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.6 allows crafted links to the login page, which will redirect to a malicious site after successful login. Servers running on a base_url prefix are not affected. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: jupyterhub + purl: pkg:pypi/jupyterhub + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 0.9.6 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2019-10255 +- type: WEB + url: https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb +- type: WEB + url: https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b +- type: WEB + url: https://github.com/jupyter/notebook/commit/d65328d4841892b412aef9015165db1eb029a8ed +- type: WEB + url: https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4 +- type: ADVISORY + url: https://github.com/advisories/GHSA-rv62-4pmj-xw6h +- type: PACKAGE + url: https://github.com/jupyter/notebook +- type: WEB + url: https://github.com/jupyter/notebook/compare/05aa4b2...16cf97c +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UP5RLEES2JBBNSNLBR65XM6PCD4EMF7D +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMDPJBVXOVO6LYGAT46VZNHH6JKSCURO +- type: PACKAGE + url: https://pypi.org/project/jupyterhub diff --git a/vulns/kallithea/PYSEC-0000-kallithea-GHSA-799h-qr84-pcrp.yaml b/vulns/kallithea/PYSEC-0000-kallithea-GHSA-799h-qr84-pcrp.yaml new file mode 100644 index 000000000..febc4fd49 --- /dev/null +++ b/vulns/kallithea/PYSEC-0000-kallithea-GHSA-799h-qr84-pcrp.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-kallithea-GHSA-799h-qr84-pcrp +modified: '2026-07-02T14:13:24.113671Z' +published: '2026-07-02T14:13:24.113671Z' +aliases: +- CVE-2016-3691 +- GHSA-799h-qr84-pcrp +summary: Kallithea Routes CSRF Bypass +details: Routes in Kallithea before 0.3.2 allows remote attackers to bypass the CSRF protection by using the GET HTTP request method. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H +affected: +- package: + ecosystem: PyPI + name: kallithea + purl: pkg:pypi/kallithea + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 0.3.2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2016-3691 +- type: PACKAGE + url: https://github.com/NexMirror/Kallithea +- type: WEB + url: http://www.openwall.com/lists/oss-security/2016/05/02/3 +- type: PACKAGE + url: https://pypi.org/project/kallithea +- type: ADVISORY + url: https://github.com/advisories/GHSA-799h-qr84-pcrp diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-274v-r947-v34r.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-274v-r947-v34r.yaml new file mode 100644 index 000000000..fe75912e7 --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-274v-r947-v34r.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-keystone-GHSA-274v-r947-v34r +modified: '2026-07-02T14:13:23.805823Z' +published: '2026-07-02T14:13:23.805823Z' +aliases: +- CVE-2014-3476 +- GHSA-274v-r947-v34r +summary: OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege +details: OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create a new token with additional roles. +severity: [] +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2014-3476 +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1324592 +- type: WEB + url: http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00031.html +- type: WEB + url: http://secunia.com/advisories/57886 +- type: WEB + url: http://secunia.com/advisories/59547 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2014/06/12/3 +- type: WEB + url: http://www.securityfocus.com/bid/68026 +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-274v-r947-v34r diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-4ppj-4p4v-jf4p.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-4ppj-4p4v-jf4p.yaml new file mode 100644 index 000000000..42024daec --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-4ppj-4p4v-jf4p.yaml @@ -0,0 +1,42 @@ +id: PYSEC-0000-keystone-GHSA-4ppj-4p4v-jf4p +modified: '2026-07-02T14:13:22.017502Z' +published: '2026-07-02T14:13:22.017502Z' +aliases: +- CVE-2013-0270 +- GHSA-4ppj-4p4v-jf4p +summary: OpenStack Keystone Denial of Service vulnerability via a large HTTP request +details: OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2013-0270 +- type: WEB + url: https://github.com/openstack/keystone/commit/7691276b869a86c2b75631d5bede9f61e030d9d8 +- type: WEB + url: https://github.com/openstack/keystone/commit/82c87e5638ebaf9f166a9b07a0155291276d6fdc +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2013-0270 +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1099025 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=909012 +- type: WEB + url: https://launchpad.net/keystone/grizzly/2013.1 +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2013-0708.html +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-4ppj-4p4v-jf4p diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-7332-36h8-8jh8.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-7332-36h8-8jh8.yaml new file mode 100644 index 000000000..02cfc0ecc --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-7332-36h8-8jh8.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-keystone-GHSA-7332-36h8-8jh8 +modified: '2026-07-02T14:13:23.743769Z' +published: '2026-07-02T14:13:23.743769Z' +aliases: +- CVE-2013-2014 +- GHSA-7332-36h8-8jh8 +summary: OpenStack Identity (Keystone) Denial of Service +details: OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests. +severity: [] +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2013-2014 +- type: WEB + url: https://github.com/openstack/keystone/commit/7691276b869a86c2b75631d5bede9f61e030d9d8 +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1098177 +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1099025 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/84347 +- type: WEB + url: http://lists.fedoraproject.org/pipermail/package-announce/2013-July/111914.html +- type: WEB + url: http://secunia.com/advisories/53397 +- type: WEB + url: http://www.securityfocus.com/bid/59936 +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-7332-36h8-8jh8 diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-8833-qrvm-wc3h.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-8833-qrvm-wc3h.yaml new file mode 100644 index 000000000..431646770 --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-8833-qrvm-wc3h.yaml @@ -0,0 +1,46 @@ +id: PYSEC-0000-keystone-GHSA-8833-qrvm-wc3h +modified: '2026-07-02T14:13:22.090672Z' +published: '2026-07-02T14:13:22.090672Z' +aliases: +- CVE-2013-0282 +- GHSA-8833-qrvm-wc3h +summary: OpenStack Keystone allows context-dependent attackers to bypass access restrictions +details: OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions. +severity: [] +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2013-0282 +- type: WEB + url: https://github.com/openstack/keystone/commit/7402f5ef994599653bdbb3ed5ff1a2b8c3e72b9f +- type: WEB + url: https://github.com/openstack/keystone/commit/9572bfc393f66f5ce3b44c0a77a9e29cc0374c6f +- type: WEB + url: https://github.com/openstack/keystone/commit/f0b4d300db5cc61d4f079f8bce9da8e8bea1081a +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1121494 +- type: WEB + url: https://launchpad.net/keystone/+milestone/2012.2.4 +- type: WEB + url: https://launchpad.net/keystone/grizzly/2013.1 +- type: WEB + url: https://review.openstack.org/#/c/22319 +- type: WEB + url: https://review.openstack.org/#/c/22320 +- type: WEB + url: https://review.openstack.org/#/c/22321 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2013/02/19/3 +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-8833-qrvm-wc3h diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-8v8f-vc72-pmhc.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-8v8f-vc72-pmhc.yaml new file mode 100644 index 000000000..06b3f47a5 --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-8v8f-vc72-pmhc.yaml @@ -0,0 +1,52 @@ +id: PYSEC-0000-keystone-GHSA-8v8f-vc72-pmhc +modified: '2026-07-02T14:13:23.972537Z' +published: '2026-07-02T14:13:23.972537Z' +aliases: +- CVE-2014-3621 +- GHSA-8v8f-vc72-pmhc +summary: OpenStack Identity Keystone Exposure of Sensitive Information +details: The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field. +severity: [] +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2014-3621 +- type: WEB + url: https://github.com/openstack/keystone/commit/2989ff257e4fde6a168e25b926805e700406aa80 +- type: WEB + url: https://github.com/openstack/keystone/commit/52714633c9a4dae5e60279217090859aa6dbcb4f +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1688 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1789 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2014:1790 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2014-3621 +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1354208 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1139937 +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2014-1688.html +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2014-1789.html +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2014-1790.html +- type: WEB + url: http://www.openwall.com/lists/oss-security/2014/09/16/10 +- type: WEB + url: http://www.ubuntu.com/usn/USN-2406-1 +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-8v8f-vc72-pmhc diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-c4p9-87h3-7vr4.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-c4p9-87h3-7vr4.yaml new file mode 100644 index 000000000..e3802c5ae --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-c4p9-87h3-7vr4.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-keystone-GHSA-c4p9-87h3-7vr4 +modified: '2026-07-02T14:13:23.908910Z' +published: '2026-07-02T14:13:23.908910Z' +aliases: +- CVE-2014-0204 +- GHSA-c4p9-87h3-7vr4 +summary: OpenStack Identity Keystone Improper Privilege Management +details: OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID. +severity: [] +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2014-0204 +- type: WEB + url: https://github.com/openstack/keystone/commit/729dcad7384ba66ee7494154969cdd7ae90d86ee +- type: WEB + url: https://github.com/openstack/keystone/commit/786af9829c5329a982e3451f77afebbfb21850bd +- type: WEB + url: https://github.com/openstack/keystone/commit/97dfd55ad1b40365754dcbfce856f7ffae280a44 +- type: WEB + url: https://github.com/openstack/keystone/commit/f0eee2f3b48dd0cffb9f75e396da2d914925cba5 +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1309228 +- type: WEB + url: https://review.openstack.org/#/c/94396 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2014/05/21/3 +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-c4p9-87h3-7vr4 diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-jwpw-ppj5-7h4w.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-jwpw-ppj5-7h4w.yaml new file mode 100644 index 000000000..a340c9b3f --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-jwpw-ppj5-7h4w.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-keystone-GHSA-jwpw-ppj5-7h4w +modified: '2026-07-02T14:13:23.853843Z' +published: '2026-07-02T14:13:23.853843Z' +aliases: +- CVE-2015-3646 +- GHSA-jwpw-ppj5-7h4w +summary: OpenStack Keystone Logs Passwords +details: OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs. +severity: [] +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '2011.3' + - fixed: 2014.1.5 + - introduced: '2014.2' + - fixed: 2014.2.4 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2015-3646 +- type: WEB + url: https://bugs.launchpad.net/keystone/+bug/1443598 +- type: PACKAGE + url: https://github.com/openstack/keystone +- type: WEB + url: https://web.archive.org/web/20210122154200/http://www.securityfocus.com/bid/74456 +- type: WEB + url: http://lists.openstack.org/pipermail/openstack-announce/2015-May/000356.html +- type: WEB + url: http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-jwpw-ppj5-7h4w diff --git a/vulns/keystone/PYSEC-0000-keystone-GHSA-qh2x-hpf9-cf2g.yaml b/vulns/keystone/PYSEC-0000-keystone-GHSA-qh2x-hpf9-cf2g.yaml new file mode 100644 index 000000000..9d8a91752 --- /dev/null +++ b/vulns/keystone/PYSEC-0000-keystone-GHSA-qh2x-hpf9-cf2g.yaml @@ -0,0 +1,50 @@ +id: PYSEC-0000-keystone-GHSA-qh2x-hpf9-cf2g +modified: '2026-07-02T14:13:21.847931Z' +published: '2026-07-02T14:13:21.847931Z' +aliases: +- CVE-2013-2255 +- GHSA-qh2x-hpf9-cf2g +summary: OpenStack Keystone and other components vulnerable to Improper Certificate Validation +details: HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N +affected: +- package: + ecosystem: PyPI + name: keystone + purl: pkg:pypi/keystone + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 8.0.0a0 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2013-2255 +- type: WEB + url: https://github.com/openstack/cinder/commit/0f9652d92e175a1f7dc3c2a37ab444b8f189375a +- type: WEB + url: https://github.com/openstack/keystone/commit/5bd4c2984d329625a2a8442b316fa235dbb88a3d +- type: WEB + url: https://github.com/openstack/neutron/commit/7255e056092f034daaeb4246a812900645d46911 +- type: WEB + url: https://github.com/openstack/python-keystoneclient/commit/20e166fd8a943ee3f91ba362a47e9c14c7cc5f4c +- type: WEB + url: https://access.redhat.com/security/cve/cve-2013-2255 +- type: WEB + url: https://bugs.launchpad.net/ossn/+bug/1188189 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2255 +- type: WEB + url: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2255 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/85562 +- type: WEB + url: https://security-tracker.debian.org/tracker/CVE-2013-2255 +- type: WEB + url: https://web.archive.org/web/20200229073508/https://www.securityfocus.com/bid/61118 +- type: PACKAGE + url: https://pypi.org/project/keystone +- type: ADVISORY + url: https://github.com/advisories/GHSA-qh2x-hpf9-cf2g diff --git a/vulns/mailman/PYSEC-0000-mailman-GHSA-82rm-28q9-435p.yaml b/vulns/mailman/PYSEC-0000-mailman-GHSA-82rm-28q9-435p.yaml new file mode 100644 index 000000000..1fce27ce2 --- /dev/null +++ b/vulns/mailman/PYSEC-0000-mailman-GHSA-82rm-28q9-435p.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-mailman-GHSA-82rm-28q9-435p +modified: '2026-07-02T14:13:18.100267Z' +published: '2026-07-02T14:13:18.100267Z' +aliases: +- CVE-2003-0038 +- GHSA-82rm-28q9-435p +summary: 'Mailman Cross-site scripting (XSS) vulnerability ' +details: Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. +severity: [] +affected: +- package: + ecosystem: PyPI + name: mailman + purl: pkg:pypi/mailman + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 2.1.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2003-0038 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/11152 +- type: WEB + url: http://marc.info/?l=bugtraq&m=104342745916111 +- type: WEB + url: http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt +- type: WEB + url: http://www.debian.org/security/2004/dsa-436 +- type: WEB + url: http://www.osvdb.org/9205 +- type: WEB + url: http://www.securityfocus.com/bid/6677 +- type: WEB + url: http://www.securitytracker.com/id?1005987 +- type: PACKAGE + url: https://pypi.org/project/mailman +- type: ADVISORY + url: https://github.com/advisories/GHSA-82rm-28q9-435p diff --git a/vulns/mailman/PYSEC-0000-mailman-GHSA-hj4h-vqpq-95wg.yaml b/vulns/mailman/PYSEC-0000-mailman-GHSA-hj4h-vqpq-95wg.yaml new file mode 100644 index 000000000..6fdb72b7f --- /dev/null +++ b/vulns/mailman/PYSEC-0000-mailman-GHSA-hj4h-vqpq-95wg.yaml @@ -0,0 +1,46 @@ +id: PYSEC-0000-mailman-GHSA-hj4h-vqpq-95wg +modified: '2026-07-02T14:13:18.155048Z' +published: '2026-07-02T14:13:18.155048Z' +aliases: +- CVE-2004-0412 +- GHSA-hj4h-vqpq-95wg +summary: Mailman Sensitive Information Disclosure +details: Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server. +severity: [] +affected: +- package: + ecosystem: PyPI + name: mailman + purl: pkg:pypi/mailman + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 2.1.5 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2004-0412 +- type: WEB + url: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123559 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/16256 +- type: WEB + url: https://gitlab.com/mailman +- type: WEB + url: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 +- type: WEB + url: http://mail.python.org/pipermail/mailman-announce/2004-May/000072.html +- type: WEB + url: http://marc.info/?l=bugtraq&m=109034869927955&w=2 +- type: WEB + url: http://secunia.com/advisories/11701 +- type: WEB + url: http://security.gentoo.org/glsa/glsa-200406-04.xml +- type: WEB + url: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:051 +- type: WEB + url: http://www.securityfocus.com/bid/10412 +- type: PACKAGE + url: https://pypi.org/project/mailman +- type: ADVISORY + url: https://github.com/advisories/GHSA-hj4h-vqpq-95wg diff --git a/vulns/mailman/PYSEC-0000-mailman-GHSA-rh6c-jh4c-9fg3.yaml b/vulns/mailman/PYSEC-0000-mailman-GHSA-rh6c-jh4c-9fg3.yaml new file mode 100644 index 000000000..4da847397 --- /dev/null +++ b/vulns/mailman/PYSEC-0000-mailman-GHSA-rh6c-jh4c-9fg3.yaml @@ -0,0 +1,46 @@ +id: PYSEC-0000-mailman-GHSA-rh6c-jh4c-9fg3 +modified: '2026-07-02T14:13:18.382841Z' +published: '2026-07-02T14:13:18.382841Z' +aliases: +- CVE-2004-1177 +- GHSA-rh6c-jh4c-9fg3 +summary: 'mailman Cross-site scripting (XSS) vulnerability ' +details: Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page. +severity: [] +affected: +- package: + ecosystem: PyPI + name: mailman + purl: pkg:pypi/mailman + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 2.1.5 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2004-1177 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/18854 +- type: PACKAGE + url: https://github.com/terencehonles/mailman +- type: WEB + url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11113 +- type: WEB + url: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287555 +- type: WEB + url: http://marc.info/?l=bugtraq&m=110549296126351&w=2 +- type: WEB + url: http://secunia.com/advisories/13603 +- type: WEB + url: http://www.debian.org/security/2005/dsa-674 +- type: WEB + url: http://www.mandriva.com/security/advisories?name=MDKSA-2005:015 +- type: WEB + url: http://www.novell.com/linux/security/advisories/2005_07_mailman.html +- type: WEB + url: http://www.redhat.com/support/errata/RHSA-2005-235.html +- type: PACKAGE + url: https://pypi.org/project/mailman +- type: ADVISORY + url: https://github.com/advisories/GHSA-rh6c-jh4c-9fg3 diff --git a/vulns/mailman/PYSEC-0000-mailman-GHSA-xq58-69h2-765m.yaml b/vulns/mailman/PYSEC-0000-mailman-GHSA-xq58-69h2-765m.yaml new file mode 100644 index 000000000..b5866a157 --- /dev/null +++ b/vulns/mailman/PYSEC-0000-mailman-GHSA-xq58-69h2-765m.yaml @@ -0,0 +1,34 @@ +id: PYSEC-0000-mailman-GHSA-xq58-69h2-765m +modified: '2026-07-02T14:13:14.288696Z' +published: '2026-07-02T14:13:14.288696Z' +aliases: +- CVE-2021-44227 +- GHSA-xq58-69h2-765m +summary: Cross Site Request Forgery in mailman +details: In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H +affected: +- package: + ecosystem: PyPI + name: mailman + purl: pkg:pypi/mailman + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 2.1.38 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-44227 +- type: WEB + url: https://bugs.launchpad.net/mailman/+bug/1952384 +- type: PACKAGE + url: https://gitlab.com/mailman/mailman +- type: WEB + url: https://lists.debian.org/debian-lts-announce/2022/06/msg00011.html +- type: PACKAGE + url: https://pypi.org/project/mailman +- type: ADVISORY + url: https://github.com/advisories/GHSA-xq58-69h2-765m diff --git a/vulns/mailman/PYSEC-0000-mailman-GHSA-xqvg-xm9m-p2c4.yaml b/vulns/mailman/PYSEC-0000-mailman-GHSA-xqvg-xm9m-p2c4.yaml new file mode 100644 index 000000000..46f97c334 --- /dev/null +++ b/vulns/mailman/PYSEC-0000-mailman-GHSA-xqvg-xm9m-p2c4.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-mailman-GHSA-xqvg-xm9m-p2c4 +modified: '2026-07-02T14:13:09.148549Z' +published: '2026-07-02T14:13:09.148549Z' +aliases: +- CVE-2018-13796 +- GHSA-xqvg-xm9m-p2c4 +summary: Moderate severity vulnerability that affects mailman +details: An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N +affected: +- package: + ecosystem: PyPI + name: mailman + purl: pkg:pypi/mailman + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 2.1.28 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2018-13796 +- type: WEB + url: https://bugs.launchpad.net/mailman/+bug/1780874 +- type: ADVISORY + url: https://github.com/advisories/GHSA-xqvg-xm9m-p2c4 +- type: WEB + url: https://lists.debian.org/debian-lts-announce/2018/07/msg00034.html +- type: WEB + url: https://security.gentoo.org/glsa/201904-10 +- type: WEB + url: https://usn.ubuntu.com/4348-1 +- type: WEB + url: https://www.mail-archive.com/mailman-users@python.org/msg71003.html +- type: PACKAGE + url: https://pypi.org/project/mailman diff --git a/vulns/manila-ui/PYSEC-0000-manila-ui-GHSA-vq76-5ghr-9p4v.yaml b/vulns/manila-ui/PYSEC-0000-manila-ui-GHSA-vq76-5ghr-9p4v.yaml new file mode 100644 index 000000000..987dd9ea0 --- /dev/null +++ b/vulns/manila-ui/PYSEC-0000-manila-ui-GHSA-vq76-5ghr-9p4v.yaml @@ -0,0 +1,48 @@ +id: PYSEC-0000-manila-ui-GHSA-vq76-5ghr-9p4v +modified: '2026-07-02T14:13:22.326003Z' +published: '2026-07-02T14:13:22.326003Z' +aliases: +- CVE-2016-6519 +- GHSA-vq76-5ghr-9p4v +summary: Openstack Manila Persistent XSS in Metadata field +details: Cross-site scripting (XSS) vulnerability in the "Shares" overview in Openstack Manila before 2.5.1 allows remote authenticated users to inject arbitrary web script or HTML via the Metadata field in the "Create Share" form. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: manila-ui + purl: pkg:pypi/manila-ui + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 2.5.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2016-6519 +- type: WEB + url: https://github.com/openstack/manila-ui/commit/009913d725bee34cef0bd62e47a298025ace2696 +- type: WEB + url: https://github.com/openstack/manila-ui/commit/89593686ef18f2bd06223b92071b4be2362a5abd +- type: WEB + url: https://github.com/openstack/manila-ui/commit/fca19a1b0d42536644212c5d673fbd6866e67c43 +- type: WEB + url: https://bugs.launchpad.net/manila-ui/+bug/1597738 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1375147 +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2016-2115.html +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2016-2116.html +- type: WEB + url: http://rhn.redhat.com/errata/RHSA-2016-2117.html +- type: WEB + url: http://www.openwall.com/lists/oss-security/2016/09/15/7 +- type: WEB + url: http://www.securityfocus.com/bid/93001 +- type: PACKAGE + url: https://pypi.org/project/manila-ui +- type: ADVISORY + url: https://github.com/advisories/GHSA-vq76-5ghr-9p4v diff --git a/vulns/matrix-synapse/PYSEC-0000-matrix-synapse-GHSA-4822-jvwx-w47h.yaml b/vulns/matrix-synapse/PYSEC-0000-matrix-synapse-GHSA-4822-jvwx-w47h.yaml new file mode 100644 index 000000000..09125ef31 --- /dev/null +++ b/vulns/matrix-synapse/PYSEC-0000-matrix-synapse-GHSA-4822-jvwx-w47h.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-matrix-synapse-GHSA-4822-jvwx-w47h +modified: '2026-07-02T14:13:17.409521Z' +published: '2026-07-02T14:13:17.409521Z' +aliases: +- CVE-2022-41952 +- GHSA-4822-jvwx-w47h +summary: Uncontrolled Resource Consumption in Matrix Synapse +details: "### Impact\n\nSynapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after `max_spider_size` (default: 10M) bytes have been downloaded, which can in some cases lead to long-lived connections towards the streaming media server (for instance, Icecast).\n\nThis can cause excessive traffic and connections toward such servers if their stream URL is, for example, posted to a large room with many Synapse instances with URL preview enabled.\n\n### Patches\n1.52.0 implements a timeout mechanism which will terminate URL preview connections after 30 seconds. Since generating URL previews for media streams is not supported and always fails, 1.53.0 additionally implements an allow list for content types for which Synapse will even attempt to generate a URL preview.\n\nWe recommend upgrading to 1.53.0 to fully resolve the issue.\n\n### Workarounds\nTurn off URL preview functionality by setting `url_preview_enabled: false` in the Synapse configuration file.\n\n### References\n- Patch (timeout): https://github.com/matrix-org/synapse/pull/11784\n- Patch (content type allow list): https://github.com/matrix-org/synapse/pull/11936\n\n### For more information\nIf you have any questions or comments about this advisory, e-mail us at security@matrix.org.\n" +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L +affected: +- package: + ecosystem: PyPI + name: matrix-synapse + purl: pkg:pypi/matrix-synapse + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.53.0 +references: +- type: WEB + url: https://github.com/matrix-org/synapse/security/advisories/GHSA-4822-jvwx-w47h +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-41952 +- type: WEB + url: https://github.com/matrix-org/synapse/pull/11784 +- type: WEB + url: https://github.com/matrix-org/synapse/pull/11936 +- type: PACKAGE + url: https://github.com/matrix-org/synapse +- type: WEB + url: https://github.com/matrix-org/synapse/releases/tag/v1.52.0 +- type: WEB + url: https://github.com/matrix-org/synapse/releases/tag/v1.53.0 +- type: PACKAGE + url: https://pypi.org/project/matrix-synapse +- type: ADVISORY + url: https://github.com/advisories/GHSA-4822-jvwx-w47h diff --git a/vulns/matrix-synapse/PYSEC-0000-matrix-synapse-GHSA-v8wm-g9f2-xjv4.yaml b/vulns/matrix-synapse/PYSEC-0000-matrix-synapse-GHSA-v8wm-g9f2-xjv4.yaml new file mode 100644 index 000000000..ee8a9516e --- /dev/null +++ b/vulns/matrix-synapse/PYSEC-0000-matrix-synapse-GHSA-v8wm-g9f2-xjv4.yaml @@ -0,0 +1,36 @@ +id: PYSEC-0000-matrix-synapse-GHSA-v8wm-g9f2-xjv4 +modified: '2026-07-02T14:13:24.881978Z' +published: '2026-07-02T14:13:24.881978Z' +aliases: +- CVE-2018-12291 +- GHSA-v8wm-g9f2-xjv4 +summary: Matrix Synapse Security Filtering Flaw +details: The `on_get_missing_events` function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the get_missing_events federation API where event visibility rules were not applied correctly. +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N +affected: +- package: + ecosystem: PyPI + name: matrix-synapse + purl: pkg:pypi/matrix-synapse + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 0.31.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2018-12291 +- type: WEB + url: https://github.com/matrix-org/synapse/pull/3371 +- type: WEB + url: https://github.com/matrix-org/synapse/commit/0834b49c6a9b6c597a154d4b2dfcf8fff90699ec +- type: PACKAGE + url: https://github.com/matrix-org/synapse +- type: WEB + url: https://github.com/matrix-org/synapse/releases/tag/v0.31.1 +- type: PACKAGE + url: https://pypi.org/project/matrix-synapse +- type: ADVISORY + url: https://github.com/advisories/GHSA-v8wm-g9f2-xjv4 diff --git a/vulns/mercurial/PYSEC-0000-mercurial-GHSA-7gf7-7wx4-mxmw.yaml b/vulns/mercurial/PYSEC-0000-mercurial-GHSA-7gf7-7wx4-mxmw.yaml new file mode 100644 index 000000000..9bcc2a587 --- /dev/null +++ b/vulns/mercurial/PYSEC-0000-mercurial-GHSA-7gf7-7wx4-mxmw.yaml @@ -0,0 +1,44 @@ +id: PYSEC-0000-mercurial-GHSA-7gf7-7wx4-mxmw +modified: '2026-07-02T14:13:17.606556Z' +published: '2026-07-02T14:13:17.606556Z' +aliases: +- CVE-2010-4237 +- GHSA-7gf7-7wx4-mxmw +summary: Mercurial Improper Certificate Validation vulnerability +details: Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N +affected: +- package: + ecosystem: PyPI + name: mercurial + purl: pkg:pypi/mercurial + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.6.4 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2010-4237 +- type: WEB + url: https://github.com/dscho/hg/commit/4ea63fb25ceeeaaa4cd1026f733b7ea7672c30b3 +- type: WEB + url: https://github.com/dscho/hg/commit/89baabf4fb7abf30ef6fdcf3d455a7893e5cc145 +- type: WEB + url: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598841 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4237 +- type: WEB + url: https://bz.mercurial-scm.org/show_bug.cgi?id=2407 +- type: WEB + url: https://repo.mercurial-scm.org/hg/rev/6ab4a7d3c179 +- type: WEB + url: https://repo.mercurial-scm.org/hg/rev/f2937d6492c5 +- type: WEB + url: https://security-tracker.debian.org/tracker/CVE-2010-4237 +- type: PACKAGE + url: https://pypi.org/project/mercurial +- type: ADVISORY + url: https://github.com/advisories/GHSA-7gf7-7wx4-mxmw diff --git a/vulns/mercurial/PYSEC-0000-mercurial-GHSA-v2gw-x5jf-pgwv.yaml b/vulns/mercurial/PYSEC-0000-mercurial-GHSA-v2gw-x5jf-pgwv.yaml new file mode 100644 index 000000000..4c320a69b --- /dev/null +++ b/vulns/mercurial/PYSEC-0000-mercurial-GHSA-v2gw-x5jf-pgwv.yaml @@ -0,0 +1,54 @@ +id: PYSEC-0000-mercurial-GHSA-v2gw-x5jf-pgwv +modified: '2026-07-02T14:13:21.096985Z' +published: '2026-07-02T14:13:21.096985Z' +aliases: +- CVE-2008-2942 +- GHSA-v2gw-x5jf-pgwv +summary: Mercurial Directory traversal vulnerability +details: Directory traversal vulnerability in patch.py in Mercurial before 1.0.2 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. +severity: [] +affected: +- package: + ecosystem: PyPI + name: mercurial + purl: pkg:pypi/mercurial + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.0.2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2008-2942 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/43551 +- type: PACKAGE + url: https://github.com/dscho/hg +- type: WEB + url: https://issues.rpath.com/browse/RPL-2633 +- type: WEB + url: http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html +- type: WEB + url: http://secunia.com/advisories/31108 +- type: WEB + url: http://secunia.com/advisories/31110 +- type: WEB + url: http://secunia.com/advisories/31167 +- type: WEB + url: http://security.gentoo.org/glsa/glsa-200807-09.xml +- type: WEB + url: http://wiki.rpath.com/Advisories:rPSA-2008-0211 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2008/06/30/1 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2008/07/01/1 +- type: WEB + url: http://www.securityfocus.com/archive/1/493881/100/0/threaded +- type: WEB + url: http://www.securityfocus.com/bid/30072 +- type: WEB + url: http://www.selenic.com/hg/rev/87c704ac92d4 +- type: PACKAGE + url: https://pypi.org/project/mercurial +- type: ADVISORY + url: https://github.com/advisories/GHSA-v2gw-x5jf-pgwv diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-53wj-6m7w-j6mj.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-53wj-6m7w-j6mj.yaml new file mode 100644 index 000000000..bbf917100 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-53wj-6m7w-j6mj.yaml @@ -0,0 +1,56 @@ +id: PYSEC-0000-moin-GHSA-53wj-6m7w-j6mj +modified: '2026-07-02T14:13:20.523188Z' +published: '2026-07-02T14:13:20.523188Z' +aliases: +- CVE-2008-0780 +- GHSA-53wj-6m7w-j6mj +summary: MoinMoin Cross-site scripting (XSS) vulnerability +details: Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action. +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '1.5' + - fixed: 1.6.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2008-0780 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=432747 +- type: WEB + url: https://usn.ubuntu.com/716-1 +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00726.html +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00752.html +- type: WEB + url: http://hg.moinmo.in/moin/1.5/rev/2f952fa361c7 +- type: WEB + url: http://hg.moinmo.in/moin/1.6/rev/9f4bdc7ef80d +- type: WEB + url: http://secunia.com/advisories/28987 +- type: WEB + url: http://secunia.com/advisories/29010 +- type: WEB + url: http://secunia.com/advisories/29262 +- type: WEB + url: http://secunia.com/advisories/29444 +- type: WEB + url: http://secunia.com/advisories/33755 +- type: WEB + url: http://www.debian.org/security/2008/dsa-1514 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml +- type: WEB + url: http://www.securityfocus.com/bid/27904 +- type: WEB + url: http://www.vupen.com/english/advisories/2008/0569/references +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-53wj-6m7w-j6mj diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-6766-r2rx-mfw9.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-6766-r2rx-mfw9.yaml new file mode 100644 index 000000000..79e3ce720 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-6766-r2rx-mfw9.yaml @@ -0,0 +1,52 @@ +id: PYSEC-0000-moin-GHSA-6766-r2rx-mfw9 +modified: '2026-07-02T14:13:20.636177Z' +published: '2026-07-02T14:13:20.636177Z' +aliases: +- CVE-2008-0782 +- GHSA-6766-r2rx-mfw9 +summary: MoinMoin Directory traversal vulnerability +details: 'Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a `..` (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter. The issue has been fixed on [e69a16b6e630](http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630).' +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.5.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2008-0782 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/39837 +- type: WEB + url: https://usn.ubuntu.com/716-1 +- type: WEB + url: https://www.exploit-db.com/exploits/4957 +- type: WEB + url: http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630 +- type: WEB + url: http://secunia.com/advisories/29010 +- type: WEB + url: http://secunia.com/advisories/29262 +- type: WEB + url: http://secunia.com/advisories/29444 +- type: WEB + url: http://secunia.com/advisories/33755 +- type: WEB + url: http://www.attrition.org/pipermail/vim/2008-January/001890.html +- type: WEB + url: http://www.debian.org/security/2008/dsa-1514 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml +- type: WEB + url: http://www.securityfocus.com/bid/27404 +- type: WEB + url: http://www.vupen.com/english/advisories/2008/0569/references +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-6766-r2rx-mfw9 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-775g-4482-pm94.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-775g-4482-pm94.yaml new file mode 100644 index 000000000..307e43562 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-775g-4482-pm94.yaml @@ -0,0 +1,54 @@ +id: PYSEC-0000-moin-GHSA-775g-4482-pm94 +modified: '2026-07-02T14:13:20.575874Z' +published: '2026-07-02T14:13:20.575874Z' +aliases: +- CVE-2008-0781 +- GHSA-775g-4482-pm94 +summary: MoinMoin Multiple cross-site scripting (XSS) vulnerabilities +details: Multiple cross-site scripting (XSS) vulnerabilities in `action/AttachFile.py` in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) message, (2) pagename, and (3) target filenames. The issue was fixed on [db212dfc58ef](http://hg.moinmo.in/moin/1.5/rev/db212dfc58ef). +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.5.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2008-0781 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=432748 +- type: WEB + url: https://usn.ubuntu.com/716-1 +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00726.html +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00752.html +- type: WEB + url: http://hg.moinmo.in/moin/1.5/rev/db212dfc58ef +- type: WEB + url: http://secunia.com/advisories/28987 +- type: WEB + url: http://secunia.com/advisories/29010 +- type: WEB + url: http://secunia.com/advisories/29262 +- type: WEB + url: http://secunia.com/advisories/29444 +- type: WEB + url: http://secunia.com/advisories/33755 +- type: WEB + url: http://www.debian.org/security/2008/dsa-1514 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml +- type: WEB + url: http://www.securityfocus.com/bid/27904 +- type: WEB + url: http://www.vupen.com/english/advisories/2008/0569/references +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-775g-4482-pm94 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-7hjm-hqgj-xv9f.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-7hjm-hqgj-xv9f.yaml new file mode 100644 index 000000000..502a807a9 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-7hjm-hqgj-xv9f.yaml @@ -0,0 +1,50 @@ +id: PYSEC-0000-moin-GHSA-7hjm-hqgj-xv9f +modified: '2026-07-02T14:13:21.242604Z' +published: '2026-07-02T14:13:21.242604Z' +aliases: +- CVE-2009-0260 +- GHSA-7hjm-hqgj-xv9f +summary: MoinMoin Multiple cross-site scripting (XSS) vulnerabilities +details: Multiple cross-site scripting (XSS) vulnerabilities in `action/AttachFile.py` in MoinMoin before 1.8.1 allow remote attackers to inject arbitrary web script or HTML via an AttachFile action to the WikiSandBox component with (1) the rename parameter or (2) the drawing parameter (aka the basename variable). +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.8.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2009-0260 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/48126 +- type: WEB + url: https://usn.ubuntu.com/716-1 +- type: WEB + url: https://web.archive.org/web/20200228171520/http://hg.moinmo.in/moin/1.8/rev/8cb4d34ccbc1 +- type: WEB + url: https://www.debian.org/security/2009/dsa-1715 +- type: WEB + url: http://moinmo.in/SecurityFixes#moin1.8.1 +- type: WEB + url: http://osvdb.org/51485 +- type: WEB + url: http://secunia.com/advisories/33593 +- type: WEB + url: http://secunia.com/advisories/33716 +- type: WEB + url: http://secunia.com/advisories/33755 +- type: WEB + url: http://www.securityfocus.com/archive/1/500197/100/0/threaded +- type: WEB + url: http://www.securityfocus.com/bid/33365 +- type: WEB + url: http://www.vupen.com/english/advisories/2009/0195 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-7hjm-hqgj-xv9f diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-7jrp-r6jx-32cw.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-7jrp-r6jx-32cw.yaml new file mode 100644 index 000000000..bcf946a8f --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-7jrp-r6jx-32cw.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-moin-GHSA-7jrp-r6jx-32cw +modified: '2026-07-02T14:13:18.303725Z' +published: '2026-07-02T14:13:18.303725Z' +aliases: +- CVE-2004-0708 +- GHSA-7jrp-r6jx-32cw +summary: MoinMoin allows administrative access +details: MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges. +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.2.2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2004-0708 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/16465 +- type: WEB + url: http://secunia.com/advisories/11807 +- type: WEB + url: http://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id=8482&atid=108482 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200407-09.xml +- type: WEB + url: http://www.osvdb.org/6704 +- type: WEB + url: http://www.securityfocus.com/bid/10568 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-7jrp-r6jx-32cw diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-8fj9-pj4p-4vq7.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-8fj9-pj4p-4vq7.yaml new file mode 100644 index 000000000..4a86423df --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-8fj9-pj4p-4vq7.yaml @@ -0,0 +1,54 @@ +id: PYSEC-0000-moin-GHSA-8fj9-pj4p-4vq7 +modified: '2026-07-02T14:13:20.698066Z' +published: '2026-07-02T14:13:20.698066Z' +aliases: +- CVE-2008-1098 +- GHSA-8fj9-pj4p-4vq7 +summary: MoinMoin Multiple cross-site scripting (XSS) vulnerabilities +details: "Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) certain input processed by `formatter/text_gedit.py` (aka the gui editor formatter); (2) a page name, which triggers an injection in PageEditor.py when the page is successfully deleted by a victim in a DeletePage action; or (3) the destination page name for a RenamePage action, which triggers an injection in PageEditor.py when a victim's rename attempt fails because of a duplicate name. NOTE: the AttachFile XSS issue is already covered by CVE-2008-0781, and the login XSS issue is already covered by CVE-2008-0780.\nThe issue has been fixed on [d0152eeb4499](http://hg.moinmo.in/moin/1.5/rev/d0152eeb4499) and [4ede07e792dd](http://hg.moinmo.in/moin/1.5/rev/4ede07e792dd)." +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.5.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2008-1098 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/41037 +- type: WEB + url: https://usn.ubuntu.com/716-1 +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00510.html +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00538.html +- type: WEB + url: http://hg.moinmo.in/moin/1.5/rev/4ede07e792dd +- type: WEB + url: http://hg.moinmo.in/moin/1.5/rev/d0152eeb4499 +- type: WEB + url: http://moinmo.in/SecurityFixes +- type: WEB + url: http://secunia.com/advisories/29262 +- type: WEB + url: http://secunia.com/advisories/29444 +- type: WEB + url: http://secunia.com/advisories/30031 +- type: WEB + url: http://secunia.com/advisories/33755 +- type: WEB + url: http://www.debian.org/security/2008/dsa-1514 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml +- type: WEB + url: http://www.securityfocus.com/bid/28173 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-8fj9-pj4p-4vq7 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-9gj2-ph57-56f5.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-9gj2-ph57-56f5.yaml new file mode 100644 index 000000000..09138e577 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-9gj2-ph57-56f5.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-moin-GHSA-9gj2-ph57-56f5 +modified: '2026-07-02T14:13:20.213871Z' +published: '2026-07-02T14:13:20.213871Z' +aliases: +- CVE-2007-0901 +- GHSA-9gj2-ph57-56f5 +summary: MoinMoin Cross-Site Scripting (XSS) vulnerability via hitcounts and general parameters +details: 'Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.' +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.5.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2007-0901 +- type: PACKAGE + url: https://github.com/moinwiki/moin +- type: WEB + url: https://moinmo.in/MoinMoinRelease1.5/CHANGES +- type: WEB + url: https://web.archive.org/web/20070214032031/http://secunia.com/advisories/24138 +- type: WEB + url: https://web.archive.org/web/20070227204439/http://secunia.com/advisories/24244 +- type: WEB + url: https://web.archive.org/web/20080516214454/http://www.securityfocus.com/bid/22515 +- type: WEB + url: http://www.ubuntu.com/usn/usn-423-1 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-9gj2-ph57-56f5 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-9xh4-wpx8-rg2w.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-9xh4-wpx8-rg2w.yaml new file mode 100644 index 000000000..b6b22a872 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-9xh4-wpx8-rg2w.yaml @@ -0,0 +1,36 @@ +id: PYSEC-0000-moin-GHSA-9xh4-wpx8-rg2w +modified: '2026-07-02T14:13:18.763018Z' +published: '2026-07-02T14:13:18.763018Z' +aliases: +- CVE-2004-1463 +- GHSA-9xh4-wpx8-rg2w +summary: MoinMoin Improper Privilege Management +details: "MoinMoin 1.2.2 and earlier could allow a remote attacker to gain elevated privileges, caused by an undisclosed Access Control List (ACL) vulnerability in the PageEditor.\n\n" +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.2.3 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2004-1463 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/16832 +- type: WEB + url: http://sourceforge.net/project/shownotes.php?group_id=8482&release_id=254801 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200408-25.xml +- type: WEB + url: http://www.osvdb.org/displayvuln.php?osvdb_id=8195 +- type: WEB + url: http://www.securityfocus.com/bid/10801 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-9xh4-wpx8-rg2w diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-cmg7-xr2j-4r9v.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-cmg7-xr2j-4r9v.yaml new file mode 100644 index 000000000..915d24fb2 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-cmg7-xr2j-4r9v.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-moin-GHSA-cmg7-xr2j-4r9v +modified: '2026-07-02T14:13:20.287938Z' +published: '2026-07-02T14:13:20.287938Z' +aliases: +- CVE-2007-2637 +- GHSA-cmg7-xr2j-4r9v +summary: MoinMoin Improper ACL handling for calendars and includes +details: MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors. +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.5.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2007-2637 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/34474 +- type: WEB + url: https://moinmo.in/MoinMoinRelease1.5/CHANGES +- type: WEB + url: http://osvdb.org/36269 +- type: WEB + url: http://secunia.com/advisories/25208 +- type: WEB + url: http://secunia.com/advisories/29262 +- type: WEB + url: http://www.debian.org/security/2008/dsa-1514 +- type: WEB + url: http://www.ubuntu.com/usn/usn-458-1 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-cmg7-xr2j-4r9v diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-cx94-3h5x-cc57.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-cx94-3h5x-cc57.yaml new file mode 100644 index 000000000..ea412d81f --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-cx94-3h5x-cc57.yaml @@ -0,0 +1,48 @@ +id: PYSEC-0000-moin-GHSA-cx94-3h5x-cc57 +modified: '2026-07-02T14:13:21.309699Z' +published: '2026-07-02T14:13:21.309699Z' +aliases: +- CVE-2009-0312 +- GHSA-cx94-3h5x-cc57 +summary: MoinMoin Cross-site scripting (XSS) vulnerability in the antispam feature +details: Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content. +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.8.2 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2009-0312 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/48306 +- type: WEB + url: https://usn.ubuntu.com/716-1 +- type: WEB + url: https://web.archive.org/web/20090323075215/http://hg.moinmo.in/moin/1.8/raw-file/1.8.2/docs/CHANGES +- type: WEB + url: https://web.archive.org/web/20100825000634/http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad +- type: WEB + url: https://web.archive.org/web/20200228151935/http://hg.moinmo.in/moin/1.8/rev/89b91bf87dad +- type: WEB + url: https://www.debian.org/security/2009/dsa-1715 +- type: WEB + url: http://moinmo.in/SecurityFixes#moin1.8.1 +- type: WEB + url: http://osvdb.org/51632 +- type: WEB + url: http://secunia.com/advisories/33716 +- type: WEB + url: http://secunia.com/advisories/33755 +- type: WEB + url: http://www.openwall.com/lists/oss-security/2009/01/27/4 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-cx94-3h5x-cc57 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-jj2f-57jg-5rm6.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-jj2f-57jg-5rm6.yaml new file mode 100644 index 000000000..8bb5e488d --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-jj2f-57jg-5rm6.yaml @@ -0,0 +1,52 @@ +id: PYSEC-0000-moin-GHSA-jj2f-57jg-5rm6 +modified: '2026-07-02T14:13:20.768903Z' +published: '2026-07-02T14:13:20.768903Z' +aliases: +- CVE-2008-1099 +- GHSA-jj2f-57jg-5rm6 +summary: 'MoinMoin Improper Access Control ' +details: '`_macro_Getval` in `wikimacro.py` in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages. The issue has been fixed on [4a7de0173734](http://hg.moinmo.in/moin/1.5/rev/4a7de0173734).' +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 1.5.8 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2008-1099 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/41038 +- type: WEB + url: https://usn.ubuntu.com/716-1 +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00510.html +- type: WEB + url: https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00538.html +- type: WEB + url: http://hg.moinmo.in/moin/1.5/rev/4a7de0173734 +- type: WEB + url: http://moinmo.in/SecurityFixes +- type: WEB + url: http://secunia.com/advisories/29262 +- type: WEB + url: http://secunia.com/advisories/29444 +- type: WEB + url: http://secunia.com/advisories/30031 +- type: WEB + url: http://secunia.com/advisories/33755 +- type: WEB + url: http://www.debian.org/security/2008/dsa-1514 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml +- type: WEB + url: http://www.securityfocus.com/bid/28177 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-jj2f-57jg-5rm6 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-m84w-vgwf-p893.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-m84w-vgwf-p893.yaml new file mode 100644 index 000000000..63e95f611 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-m84w-vgwf-p893.yaml @@ -0,0 +1,48 @@ +id: PYSEC-0000-moin-GHSA-m84w-vgwf-p893 +modified: '2026-07-02T14:13:20.067749Z' +published: '2026-07-02T14:13:20.067749Z' +aliases: +- CVE-2007-0857 +- GHSA-m84w-vgwf-p893 +summary: MoinMoin Multiple cross-site scripting (XSS) vulnerabilities +details: Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before 1.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the page info, or the page name in a (2) AttachFile, (3) RenamePage, or (4) LocalSiteMap action. +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.5.7 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2007-0857 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/32377 +- type: WEB + url: http://moinmoin.wikiwikiweb.de/MoinMoinRelease1.5/CHANGES +- type: WEB + url: http://osvdb.org/31871 +- type: WEB + url: http://osvdb.org/31872 +- type: WEB + url: http://osvdb.org/31873 +- type: WEB + url: http://secunia.com/advisories/24096 +- type: WEB + url: http://secunia.com/advisories/24117 +- type: WEB + url: http://www.osvdb.org/31874 +- type: WEB + url: http://www.securityfocus.com/bid/22506 +- type: WEB + url: http://www.ubuntu.com/usn/usn-421-1 +- type: WEB + url: http://www.vupen.com/english/advisories/2007/0553 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-m84w-vgwf-p893 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-mxh8-xgq9-w782.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-mxh8-xgq9-w782.yaml new file mode 100644 index 000000000..17a9b2a3c --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-mxh8-xgq9-w782.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-moin-GHSA-mxh8-xgq9-w782 +modified: '2026-07-02T14:13:20.125761Z' +published: '2026-07-02T14:13:20.125761Z' +aliases: +- CVE-2007-0902 +- GHSA-mxh8-xgq9-w782 +summary: MoinMoin Insertion of Sensitive Information into Log File +details: An information leak was discovered in MoinMoin's debug reporting version 1.5.7, which could expose information about the versions of software running on the host system. MoinMoin administrators can add "show_traceback=0" to their site configurations to disable debug tracebacks. +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: 1.5.7 + - fixed: 1.5.8 + versions: + - 1.5.7 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2007-0902 +- type: WEB + url: https://moinmo.in/MoinMoinRelease1.5/CHANGES +- type: WEB + url: http://osvdb.org/33173 +- type: WEB + url: http://secunia.com/advisories/24138 +- type: WEB + url: http://secunia.com/advisories/24244 +- type: WEB + url: http://www.securityfocus.com/bid/22515 +- type: WEB + url: http://www.ubuntu.com/usn/usn-423-1 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-mxh8-xgq9-w782 diff --git a/vulns/moin/PYSEC-0000-moin-GHSA-v744-h36c-hv5j.yaml b/vulns/moin/PYSEC-0000-moin-GHSA-v744-h36c-hv5j.yaml new file mode 100644 index 000000000..ae43b1d86 --- /dev/null +++ b/vulns/moin/PYSEC-0000-moin-GHSA-v744-h36c-hv5j.yaml @@ -0,0 +1,36 @@ +id: PYSEC-0000-moin-GHSA-v744-h36c-hv5j +modified: '2026-07-02T14:13:18.707674Z' +published: '2026-07-02T14:13:18.707674Z' +aliases: +- CVE-2004-1462 +- GHSA-v744-h36c-hv5j +summary: 'MoinMoin Improper Access Control ' +details: Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote attackers to gain unauthorized access to administrator functions such as (1) revert and (2) delete. +severity: [] +affected: +- package: + ecosystem: PyPI + name: moin + purl: pkg:pypi/moin + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.2.3 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2004-1462 +- type: WEB + url: https://exchange.xforce.ibmcloud.com/vulnerabilities/16833 +- type: WEB + url: https://sourceforge.net/project/shownotes.php?group_id=8482&release_id=254801 +- type: WEB + url: http://www.gentoo.org/security/en/glsa/glsa-200408-25.xml +- type: WEB + url: http://www.osvdb.org/displayvuln.php?osvdb_id=8194 +- type: WEB + url: http://www.securityfocus.com/bid/10805 +- type: PACKAGE + url: https://pypi.org/project/moin +- type: ADVISORY + url: https://github.com/advisories/GHSA-v744-h36c-hv5j diff --git a/vulns/motioneye/PYSEC-0000-motioneye-GHSA-m2c7-42rf-c62f.yaml b/vulns/motioneye/PYSEC-0000-motioneye-GHSA-m2c7-42rf-c62f.yaml new file mode 100644 index 000000000..c864c0fd5 --- /dev/null +++ b/vulns/motioneye/PYSEC-0000-motioneye-GHSA-m2c7-42rf-c62f.yaml @@ -0,0 +1,34 @@ +id: PYSEC-0000-motioneye-GHSA-m2c7-42rf-c62f +modified: '2026-07-02T14:13:15.109139Z' +published: '2026-07-02T14:13:15.109139Z' +aliases: +- CVE-2021-44255 +- GHSA-m2c7-42rf-c62f +summary: Unrestricted Upload of File with Dangerous Type in motionEye +details: "motionEye <= 0.42.1 and motioneEyeOS <= 20200606 allow a remote attacker to upload a configuration backup file containing a malicious python pickle file. This is possible when an installation is accessible over the Internet and uses no or poor authentication credentials.\n\nThe GitHub repositories for motionEye and motionEyeOS are no longer being actively maintained as of January 2022, so release of a patched version is unlikely. Keeping a motionEye or motionEyeOS installation off of the Internet and/or using strong credentials provide protection against this issue." +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H +affected: +- package: + ecosystem: PyPI + name: motioneye + purl: pkg:pypi/motioneye + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 0.42.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-44255 +- type: WEB + url: https://github.com/ccrisan/motioneyeos/issues/2843 +- type: PACKAGE + url: https://github.com/ccrisan/motioneye +- type: WEB + url: https://www.pizzapower.me/2021/10/09/self-hosted-security-part-1-motioneye +- type: PACKAGE + url: https://pypi.org/project/motioneye +- type: ADVISORY + url: https://github.com/advisories/GHSA-m2c7-42rf-c62f diff --git a/vulns/mysql-connector-python/PYSEC-0000-mysql-connector-python-GHSA-2cf3-g243-hhfx.yaml b/vulns/mysql-connector-python/PYSEC-0000-mysql-connector-python-GHSA-2cf3-g243-hhfx.yaml new file mode 100644 index 000000000..18e9b3e42 --- /dev/null +++ b/vulns/mysql-connector-python/PYSEC-0000-mysql-connector-python-GHSA-2cf3-g243-hhfx.yaml @@ -0,0 +1,36 @@ +id: PYSEC-0000-mysql-connector-python-GHSA-2cf3-g243-hhfx +modified: '2026-07-02T14:13:24.741892Z' +published: '2026-07-02T14:13:24.741892Z' +aliases: +- CVE-2017-3590 +- GHSA-2cf3-g243-hhfx +summary: MySQL Connectors Privilege Escalation +details: 'Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data. CVSS 3.0 Base Score 3.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).' +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N +affected: +- package: + ecosystem: PyPI + name: mysql-connector-python + purl: pkg:pypi/mysql-connector-python + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - last_affected: 2.1.5 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2017-3590 +- type: PACKAGE + url: https://github.com/mysql/mysql-connector-python +- type: WEB + url: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html +- type: WEB + url: http://www.securityfocus.com/bid/97840 +- type: WEB + url: http://www.securitytracker.com/id/1038287 +- type: PACKAGE + url: https://pypi.org/project/mysql-connector-python +- type: ADVISORY + url: https://github.com/advisories/GHSA-2cf3-g243-hhfx diff --git a/vulns/mysql-connector-python/PYSEC-0000-mysql-connector-python-GHSA-v5rq-w2xm-7g5f.yaml b/vulns/mysql-connector-python/PYSEC-0000-mysql-connector-python-GHSA-v5rq-w2xm-7g5f.yaml new file mode 100644 index 000000000..ab5442d12 --- /dev/null +++ b/vulns/mysql-connector-python/PYSEC-0000-mysql-connector-python-GHSA-v5rq-w2xm-7g5f.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-mysql-connector-python-GHSA-v5rq-w2xm-7g5f +modified: '2026-07-02T14:13:23.657489Z' +published: '2026-07-02T14:13:23.657489Z' +aliases: +- CVE-2019-2435 +- GHSA-v5rq-w2xm-7g5f +summary: Improper Access Control in MySQL Connector Python +details: 'Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized access to critical data or complete access to all MySQL Connectors accessible data. ' +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N +affected: +- package: + ecosystem: PyPI + name: mysql-connector-python + purl: pkg:pypi/mysql-connector-python + ranges: + - type: ECOSYSTEM + events: + - introduced: 2.1.0 + - fixed: 8.0.19 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2019-2435 +- type: PACKAGE + url: https://github.com/mysql/mysql-connector-python +- type: WEB + url: https://security.netapp.com/advisory/ntap-20190118-0002 +- type: WEB + url: http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00044.html +- type: WEB + url: http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00053.html +- type: WEB + url: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html +- type: WEB + url: http://www.securityfocus.com/bid/106616 +- type: PACKAGE + url: https://pypi.org/project/mysql-connector-python +- type: ADVISORY + url: https://github.com/advisories/GHSA-v5rq-w2xm-7g5f diff --git a/vulns/nanopb/PYSEC-0000-nanopb-GHSA-85rr-4rh9-hhwh.yaml b/vulns/nanopb/PYSEC-0000-nanopb-GHSA-85rr-4rh9-hhwh.yaml new file mode 100644 index 000000000..a1da2c867 --- /dev/null +++ b/vulns/nanopb/PYSEC-0000-nanopb-GHSA-85rr-4rh9-hhwh.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-nanopb-GHSA-85rr-4rh9-hhwh +modified: '2026-07-02T14:13:09.752037Z' +published: '2026-07-02T14:13:09.752037Z' +aliases: +- CVE-2020-26243 +- GHSA-85rr-4rh9-hhwh +summary: Memory leak in Nanopb +details: "### Impact\nDecoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being decoded contains the submessage multiple times. This is rare in normal messages, but it is a concern when untrusted data is parsed.\n\n### Patches\nPreliminary patch is [available on git](https://github.com/nanopb/nanopb/commit/edf6dcbffee4d614ac0c2c1b258ab95185bdb6e9) and problem will be patched in versions 0.3.9.7 and 0.4.4 once testing has been completed.\n\n### Workarounds\nFollowing workarounds are available:\n* Set the option `no_unions` for the oneof field. This will generate fields as separate instead of C union, and avoids triggering the problematic code.\n* Set the type of the submessage field inside oneof to `FT_POINTER`. This way the whole submessage will be dynamically allocated and the problematic code is not executed.\n* Use an arena allocator for nanopb, to make sure all memory can be released afterwards.\n\n### References\nBug report: https://github.com/nanopb/nanopb/issues/615\n\n### For more information\nIf you have any questions or comments about this advisory, comment on the bug report linked above." +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H +affected: +- package: + ecosystem: PyPI + name: nanopb + purl: pkg:pypi/nanopb + ranges: + - type: ECOSYSTEM + events: + - introduced: 0.3.2 + - fixed: 0.3.9.7 + - introduced: 0.4.0 + - fixed: 0.4.4 +references: +- type: WEB + url: https://github.com/nanopb/nanopb/security/advisories/GHSA-85rr-4rh9-hhwh +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2020-26243 +- type: WEB + url: https://github.com/nanopb/nanopb/issues/615 +- type: WEB + url: https://github.com/nanopb/nanopb/commit/4fe23595732b6f1254cfc11a9b8d6da900b55b0c +- type: WEB + url: https://github.com/nanopb/nanopb/blob/2b48a361786dfb1f63d229840217a93aae064667/CHANGELOG.txt +- type: PACKAGE + url: https://pypi.org/project/nanopb +- type: ADVISORY + url: https://github.com/advisories/GHSA-85rr-4rh9-hhwh diff --git a/vulns/nemo-toolkit/PYSEC-0000-nemo-toolkit-GHSA-9hg3-hmmf-c3gr.yaml b/vulns/nemo-toolkit/PYSEC-0000-nemo-toolkit-GHSA-9hg3-hmmf-c3gr.yaml new file mode 100644 index 000000000..d5b5a0b31 --- /dev/null +++ b/vulns/nemo-toolkit/PYSEC-0000-nemo-toolkit-GHSA-9hg3-hmmf-c3gr.yaml @@ -0,0 +1,32 @@ +id: PYSEC-0000-nemo-toolkit-GHSA-9hg3-hmmf-c3gr +modified: '2026-07-02T14:13:14.599712Z' +published: '2026-07-02T14:13:14.599712Z' +aliases: +- CVE-2022-22821 +- GHSA-9hg3-hmmf-c3gr +summary: Path Traversal in nemo-toolkit +details: NVIDIA NeMo before 1.6.0 contains a vulnerability in ASR WebApp, in which ../ Path Traversal may lead to deletion of any directory when admin privileges are available. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N +affected: +- package: + ecosystem: PyPI + name: nemo-toolkit + purl: pkg:pypi/nemo-toolkit + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 1.6.0 +references: +- type: WEB + url: https://github.com/NVIDIA/NeMo/security/advisories/GHSA-rpx7-33j2-xx9x +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2022-22821 +- type: PACKAGE + url: https://github.com/NVIDIA/NeMo +- type: PACKAGE + url: https://pypi.org/project/nemo-toolkit +- type: ADVISORY + url: https://github.com/advisories/GHSA-9hg3-hmmf-c3gr diff --git a/vulns/neutron/PYSEC-0000-neutron-GHSA-hvxr-2fvv-c3wq.yaml b/vulns/neutron/PYSEC-0000-neutron-GHSA-hvxr-2fvv-c3wq.yaml new file mode 100644 index 000000000..ec95f429f --- /dev/null +++ b/vulns/neutron/PYSEC-0000-neutron-GHSA-hvxr-2fvv-c3wq.yaml @@ -0,0 +1,56 @@ +id: PYSEC-0000-neutron-GHSA-hvxr-2fvv-c3wq +modified: '2026-07-02T14:13:22.484803Z' +published: '2026-07-02T14:13:22.484803Z' +aliases: +- CVE-2017-7543 +- GHSA-hvxr-2fvv-c3wq +summary: OpenStack Neutron Race Condition vulnerability +details: 'A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.' +severity: +- type: CVSS_V3 + score: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N +affected: +- package: + ecosystem: PyPI + name: neutron + purl: pkg:pypi/neutron + ranges: + - type: ECOSYSTEM + events: + - introduced: '0' + - fixed: 7.2.0-12.1 + - introduced: 8.0.0 + - fixed: 8.3.0-11.1 + - introduced: 9.0.0 + - fixed: 9.3.1-2.1 + - introduced: 10.0.0 + - fixed: 10.0.2-1.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2017-7543 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2447 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2448 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2449 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2450 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2451 +- type: WEB + url: https://access.redhat.com/errata/RHSA-2017:2452 +- type: WEB + url: https://access.redhat.com/security/cve/CVE-2017-7543 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=1473792 +- type: WEB + url: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543 +- type: PACKAGE + url: https://opendev.org/openstack/neutron +- type: WEB + url: https://web.archive.org/web/20200227153412/https://www.securityfocus.com/bid/100237 +- type: PACKAGE + url: https://pypi.org/project/neutron +- type: ADVISORY + url: https://github.com/advisories/GHSA-hvxr-2fvv-c3wq diff --git a/vulns/nicotine-plus/PYSEC-0000-nicotine-plus-GHSA-p4v2-r99v-wjc2.yaml b/vulns/nicotine-plus/PYSEC-0000-nicotine-plus-GHSA-p4v2-r99v-wjc2.yaml new file mode 100644 index 000000000..6b6b4f44e --- /dev/null +++ b/vulns/nicotine-plus/PYSEC-0000-nicotine-plus-GHSA-p4v2-r99v-wjc2.yaml @@ -0,0 +1,38 @@ +id: PYSEC-0000-nicotine-plus-GHSA-p4v2-r99v-wjc2 +modified: '2026-07-02T14:13:16.407927Z' +published: '2026-07-02T14:13:16.407927Z' +aliases: +- CVE-2021-45848 +- GHSA-p4v2-r99v-wjc2 +summary: Nicotine+ DoS on Null Character in Download Request +details: Denial of service (DoS) vulnerability in Nicotine+ starting with version 3.0.3 and prior to version 3.2.1 allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character. +severity: +- type: CVSS_V3 + score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H +affected: +- package: + ecosystem: PyPI + name: nicotine-plus + purl: pkg:pypi/nicotine-plus + ranges: + - type: ECOSYSTEM + events: + - introduced: 3.0.3 + - fixed: 3.2.1 +references: +- type: ADVISORY + url: https://nvd.nist.gov/vuln/detail/CVE-2021-45848 +- type: WEB + url: https://github.com/nicotine-plus/nicotine-plus/issues/1777 +- type: WEB + url: https://github.com/nicotine-plus/nicotine-plus/commit/0e3e2fac27a518f0a84330f1ddf1193424522045 +- type: PACKAGE + url: https://github.com/nicotine-plus/nicotine-plus +- type: WEB + url: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HWYV53KERFH2EC4XI2IVVQFTV75E5XM6 +- type: WEB + url: https://security.gentoo.org/glsa/202210-20 +- type: PACKAGE + url: https://pypi.org/project/nicotine-plus +- type: ADVISORY + url: https://github.com/advisories/GHSA-p4v2-r99v-wjc2 diff --git a/vulns/notebook/PYSEC-0000-notebook-GHSA-4952-p58q-6crx.yaml b/vulns/notebook/PYSEC-0000-notebook-GHSA-4952-p58q-6crx.yaml new file mode 100644 index 000000000..5f3dca983 --- /dev/null +++ b/vulns/notebook/PYSEC-0000-notebook-GHSA-4952-p58q-6crx.yaml @@ -0,0 +1,40 @@ +id: PYSEC-0000-notebook-GHSA-4952-p58q-6crx +modified: '2026-07-02T14:13:10.480332Z' +published: '2026-07-02T14:13:10.480332Z' +aliases: +- CVE-2021-32797 +- GHSA-4952-p58q-6crx +summary: 'JupyterLab: XSS due to lack of sanitization of the action attribute of an html