Security Vulnerabilities - CVEs Published In May 2022
JFrog Artifactory prior to versions 7.28.0 and 6.23.38 is vulnerable to Broken Access Control: the copy functionality can be used by a low-privileged user to read and copy any artifact that exists in the Artifactory deployment, due to improper permissions validation.
CVSS Score: 5.3 | EPSS Score: 0.001 | Published: 2022-05-23
OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0.
CVSS Score: 8.3 | EPSS Score: 0.038 | Published: 2022-05-22
Access of Uninitialized Pointer in GitHub repository radareorg/radare2 prior to 5.7.0.
CVSS Score: 7.4 | EPSS Score: 0.003 | Published: 2022-05-21
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext 'attacker@example.com\n\trole = "#admin"' value.
CVSS Score: 9.8 | EPSS Score: 0.027 | Published: 2022-05-21
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).
CVSS Score: 7.5 | EPSS Score: 0.754 | Published: 2022-05-21
Solana solana_rbpf before 0.2.29 has an addition integer overflow via invalid ELF program headers. elf.rs has a panic via a malformed eBPF program.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2022-05-21
The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places (e.g., p1.xml instead of p1).
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2022-05-21
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
CVSS Score: 9.0 | EPSS Score: 0.004 | Published: 2022-05-21
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS client could provide a certificate for which it does not possess the private key, and Pion DTLS would not reject it. This issue affects only users that rely on client certificates. The connection itself is still secure, but the certificate provided by a client cannot be trusted when using a Pion DTLS server prior to version 2.1.5. Users should upgrade to version 2.1.5 to receive a patch. There are currently no known workarounds.
CVSS Score: 5.9 | EPSS Score: 0.003 | Published: 2022-05-21
Smokescreen is an HTTP proxy. The primary use case for Smokescreen is to prevent server-side request forgery (SSRF) attacks in which external attackers leverage the behavior of applications to connect to or scan internal infrastructure. Smokescreen also offers an option to deny access to additional (e.g., external) URLs by way of a deny list. There was an issue in Smokescreen that made it possible to bypass the deny list feature by surrounding the hostname with square brackets (e.g. `[example.com]`). This only impacted the HTTP proxy functionality of Smokescreen. HTTPS requests were not impacted. Smokescreen version 0.0.4 contains a patch for this issue.
CVSS Score: 5.3 | EPSS Score: 0.002 | Published: 2022-05-21