Security Vulnerabilities - CVEs Published In July 2023
In Hazelcast through 5.0.4, 5.1 through 5.1.6, and 5.2 through 5.2.3, executor services don't check client permissions properly, allowing authenticated users to execute tasks on members without the required permissions granted.
CVSS Score
8.8
EPSS Score
0.002
Published
2023-07-18
Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (DispatcherServlet is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.)
Specifically, an application is vulnerable when all of the following are true:
* Spring MVC is on the classpath
* Spring Security is securing more than one servlet in a single application (one of them being Spring MVC’s DispatcherServlet)
* The application uses requestMatchers(String) to refer to endpoints that are not Spring MVC endpoints
An application is not vulnerable if any of the following is true:
* The application does not have Spring MVC on the classpath
* The application secures no servlets other than Spring MVC’s DispatcherServlet
* The application uses requestMatchers(String) only for Spring MVC endpoints
CVSS Score
7.3
EPSS Score
0.022
Published
2023-07-18
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT_BODY leads to os command injection. Upgrading to version 2.0.28 is able to address this issue. The name of the patch is dcaad2540f7d50c512ff2e031d3778dd9337db2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-234248.
CVSS Score
5.5
EPSS Score
0.004
Published
2023-07-18
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.
CVSS Score
5.9
EPSS Score
0.0
Published
2023-07-18
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WeSecur Security plugin <= 1.2.1 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-07-18
In NATO Communications and Information Agency anet (aka Advisor Network) through 3.3.0, an attacker can provide a crafted JSON file to sanitizeJson and cause an exception. This is related to the U+FFFD Unicode replacement character. A for loop does not consider that a data structure is being modified during loop execution.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-07-18
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 3.9.5 versions.
CVSS Score
5.9
EPSS Score
0.0
Published
2023-07-18
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodePeople Booking Calendar Contact Form plugin <= 1.2.40 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-07-18
Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-07-18
Improper Authentication vulnerability in miniOrange OAuth Single Sign On – SSO (OAuth Client) plugin allows Authentication Bypass.This issue affects OAuth Single Sign On – SSO (OAuth Client): from n/a through 6.23.3.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-07-18