GitHub Security Advisory

kurtseifried · May 10, 2023 · 26206c7 · 26206c7
1 parent 0ab935f
commit 26206c7
Show file tree

Hide file tree

Showing 7 changed files with 75 additions and 13 deletions.
diff --git a/ghsa/composer/nilsteampassnet/teampass/GHSA-2ffp-w665-9mgx.json b/ghsa/composer/nilsteampassnet/teampass/GHSA-2ffp-w665-9mgx.json
@@ -33,12 +33,12 @@
         "Value": "CVE-2023-2516"
       }
     ],
-    "Description": "nilsteampassnet/teampass prior to 3.0.7 is vulnerable to cross site scripting (XSS) from item names within a folder.",
+    "Description": "nilsteampassnet/teampass prior to version 3.0.7 is vulnerable to cross site scripting (XSS) from item names within a folder.",
     "Origin": "UNSPECIFIED",
     "PublishedAt": "2023-05-05T21:31:11Z",
     "Severity": "MODERATE",
     "Summary": "Cross Site Scripting in nilsteampassnet/teampass",
-    "UpdatedAt": "2023-05-05T23:20:10Z",
+    "UpdatedAt": "2023-05-10T15:31:09Z",
     "WithdrawnAt": "",
     "CVSS": {
       "Score": 5.4,

diff --git a/ghsa/composer/nilsteampassnet/teampass/GHSA-prj5-2g2p-x2mw.json b/ghsa/composer/nilsteampassnet/teampass/GHSA-prj5-2g2p-x2mw.json
@@ -0,0 +1,56 @@
+{
+  "Severity": "HIGH",
+  "UpdatedAt": "2023-05-10T12:50:03Z",
+  "Package": {
+    "Ecosystem": "COMPOSER",
+    "Name": "nilsteampassnet/teampass"
+  },
+  "Advisory": {
+    "DatabaseId": 209629,
+    "Id": "GSA_kwCzR0hTQS1wcmo1LTJnMnAteDJtd84AAzLd",
+    "GhsaId": "GHSA-prj5-2g2p-x2mw",
+    "References": [
+      {
+        "Url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2591"
+      },
+      {
+        "Url": "https://github.com/nilsteampassnet/teampass/commit/57a977c6323656e5dc06ab5c227e75c3465a1a4a"
+      },
+      {
+        "Url": "https://huntr.dev/bounties/705f79f4-f5e3-41d7-82a5-f00441cd984b"
+      },
+      {
+        "Url": "https://github.com/advisories/GHSA-prj5-2g2p-x2mw"
+      }
+    ],
+    "Identifiers": [
+      {
+        "Type": "GHSA",
+        "Value": "GHSA-prj5-2g2p-x2mw"
+      },
+      {
+        "Type": "CVE",
+        "Value": "CVE-2023-2591"
+      }
+    ],
+    "Description": "In nilsteampassnet/teampass prior to 3.0.7, if two users have the same folder access, malicious users can create an item where its label field is vulnerable to HTML injection. When other users see that item, it may force them to redirect to the attacker's website or capture their data using a form. The issue is fixed in version 3.0.7.",
+    "Origin": "UNSPECIFIED",
+    "PublishedAt": "2023-05-09T12:30:22Z",
+    "Severity": "HIGH",
+    "Summary": "teampass vulnerable to code injection",
+    "UpdatedAt": "2023-05-10T12:50:03Z",
+    "WithdrawnAt": "",
+    "CVSS": {
+      "Score": 7.1,
+      "VectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N"
+    }
+  },
+  "Versions": [
+    {
+      "FirstPatchedVersion": {
+        "Identifier": "3.0.7"
+      },
+      "VulnerableVersionRange": "\u003c 3.0.7"
+    }
+  ]
+}
diff --git a/ghsa/composer/thorsten/phpmyfaq/GHSA-5mf7-p346-7rm8.json b/ghsa/composer/thorsten/phpmyfaq/GHSA-5mf7-p346-7rm8.json
@@ -33,12 +33,12 @@
         "Value": "CVE-2023-2550"
       }
     ],
-    "Description": "Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.",
+    "Description": "Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to  version 3.1.13.",
     "Origin": "UNSPECIFIED",
     "PublishedAt": "2023-05-05T21:31:11Z",
     "Severity": "HIGH",
     "Summary": "Cross Site Scripting in thorsten/phpmyfaq",
-    "UpdatedAt": "2023-05-05T23:15:12Z",
+    "UpdatedAt": "2023-05-10T15:28:52Z",
     "WithdrawnAt": "",
     "CVSS": {
       "Score": 8.2,

diff --git a/ghsa/go/github.com/ipfs/go-unixfs/GHSA-q264-w97q-q778.json b/ghsa/go/github.com/ipfs/go-unixfs/GHSA-q264-w97q-q778.json
@@ -36,12 +36,12 @@
         "Value": "CVE-2023-23625"
       }
     ],
-    "Description": "### Impact\nTrying to read malformed HAMT sharded directories can cause panics and virtual memory leaks.\nIf you are reading untrusted user input, an attacker can then trigger a panic.\n\nThis is caused by bogus `fanout` parameter in the HAMT directory nodes.\nThis include checks returned in [ipfs/go-bitfield GHSA-2h6c-j3gf-xp9r](https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r), as well as limiting the `fanout` to `\u003c= 1024` (to avoid attempts of arbitrary sized allocations).\n\n### Patches\n- https://github.com/ipfs/go-unixfs/commit/467d139a640ecee4f2e74643dafcc58bb3b54175\n\n### Workarounds\nDo not feed untrusted user data to the decoding functions.\n\n### References\n- https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r\n",
+    "Description": "### Impact\nTrying to read malformed HAMT sharded directories can cause panics and virtual memory leaks.\nIf you are reading untrusted user input, an attacker can then trigger a panic.\n\nThis is caused by bogus `fanout` parameter in the HAMT directory nodes.\nThis include checks returned in [ipfs/go-bitfield GHSA-2h6c-j3gf-xp9r](https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r), as well as limiting the `fanout` to `\u003c= 1024` (to avoid attempts of arbitrary sized allocations).\n\n### Patches\n- https://github.com/ipfs/go-unixfs/commit/dbcc43ec3e2db0d01e8d80c55040bba3cf22cb4b\n\n### Workarounds\nDo not feed untrusted user data to the decoding functions.\n\n### References\n- https://github.com/ipfs/go-bitfield/security/advisories/GHSA-2h6c-j3gf-xp9r\n",
     "Origin": "UNSPECIFIED",
     "PublishedAt": "2023-02-10T23:08:06Z",
     "Severity": "MODERATE",
     "Summary": "Denial of service via HAMT Decoding Panics",
-    "UpdatedAt": "2023-04-04T21:38:08Z",
+    "UpdatedAt": "2023-05-10T17:20:53Z",
     "WithdrawnAt": "",
     "CVSS": {
       "Score": 5.9,

diff --git a/ghsa/maven/com.ibeetl/beetl/GHSA-m69h-4frq-vwq7.json b/ghsa/maven/com.ibeetl/beetl/GHSA-m69h-4frq-vwq7.json
@@ -1,5 +1,5 @@
 {
-  "Severity": "HIGH",
+  "Severity": "CRITICAL",
   "UpdatedAt": "2023-05-05T02:21:43Z",
   "Package": {
     "Ecosystem": "MAVEN",
@@ -36,13 +36,13 @@
     "Description": "An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload.",
     "Origin": "UNSPECIFIED",
     "PublishedAt": "2023-05-04T03:30:22Z",
-    "Severity": "HIGH",
+    "Severity": "CRITICAL",
     "Summary": "Server-side template injection in beetl",
-    "UpdatedAt": "2023-05-05T02:21:43Z",
+    "UpdatedAt": "2023-05-10T15:26:57Z",
     "WithdrawnAt": "",
     "CVSS": {
-      "Score": 0,
-      "VectorString": ""
+      "Score": 9.8,
+      "VectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
     }
   },
   "Versions": [

diff --git a/ghsa/npm/total4/GHSA-jj45-24rw-v6jw.json b/ghsa/npm/total4/GHSA-jj45-24rw-v6jw.json
@@ -22,6 +22,12 @@
       {
         "Url": "https://github.com/totaljs/framework4/commit/e2cea690c3fe4453e94da896a69f832511f65179"
       },
+      {
+        "Url": "https://www.youtube.com/watch?v=8VbTm2sIdBE"
+      },
+      {
+        "Url": "https://www.youtube.com/watch?v=vOb9Fyg3iVo"
+      },
       {
         "Url": "https://github.com/advisories/GHSA-jj45-24rw-v6jw"
       }
@@ -41,7 +47,7 @@
     "PublishedAt": "2023-05-04T21:30:27Z",
     "Severity": "HIGH",
     "Summary": "Cross-site scripting in TotalJS",
-    "UpdatedAt": "2023-05-05T02:17:47Z",
+    "UpdatedAt": "2023-05-10T17:20:28Z",
     "WithdrawnAt": "",
     "CVSS": {
       "Score": 0,

diff --git a/last_updated.json b/last_updated.json
@@ -8,7 +8,7 @@
   "cwe": "2023-04-28T00:43:22.104006914Z",
   "debian": "2023-05-10T18:15:21.45672619Z",
   "debian-oval": "2021-11-10T06:12:41.7890491Z",
-  "ghsa": "2023-05-10T06:25:51.229455704Z",
+  "ghsa": "2023-05-10T18:22:34.888983223Z",
   "glad": "2023-05-08T19:04:18.494952815Z",
   "go-vulndb": "2023-05-06T01:13:27.182504563Z",
   "kevc": "2023-05-09T19:08:05.377053216Z",