CVEs on Anthony Weems https://amlw.dev/cve/ Recent content in CVEs on Anthony Weems Hugo -- gohugo.io en-us Fri, 22 Apr 2022 00:00:00 +0000 CVE-2021-25746: Ingress-nginx directive injection via annotations https://amlw.dev/cve/cve-2021-25746/ Fri, 22 Apr 2022 00:00:00 +0000 https://amlw.dev/cve/cve-2021-25746/ A user that can create or update ingress objects can use <code>.metadata.annotations</code> in an Ingress object (in the <code>networking.k8s.io</code> or <code>extensions</code> API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. CVE-2022-21496: Improper Implementation of the LDAP URI Specification Allowing for Host Validation Bypasses https://amlw.dev/cve/cve-2022-21496/ Tue, 19 Apr 2022 00:00:00 +0000 https://amlw.dev/cve/cve-2022-21496/ A parser differential between <code>com.sun.jndi.ldap.LdaoURL</code> and <code>java.net.URI</code> may lead to LDAP URI validation bypasses. CVE-2022-21701: Istio Privileged Escalation in Kubernetes Gateway API https://amlw.dev/cve/cve-2022-21701/ Tue, 18 Jan 2022 00:00:00 +0000 https://amlw.dev/cve/cve-2022-21701/ Istio version 1.12.0 and 1.12.1 are vulnerable to a privilege escalation attack. Users who have CREATE permission for gateways.gateway.networking.k8s.io objects can escalate this privilege to create other resources that they may not have access to, such as Pod. CVE-2019-18818: strapi Password Reset Auth Bypass https://amlw.dev/cve/cve-2019-18818/ Thu, 07 Nov 2019 00:00:00 +0000 https://amlw.dev/cve/cve-2019-18818/ strapi before 3.0.0-beta.17.5 mishandles password resets within default authentication controllers. CVE-2019-1003040: Jenkins Script Security plugin sandbox escape https://amlw.dev/cve/cve-2019-1003040/ Thu, 28 Mar 2019 00:00:00 +0000 https://amlw.dev/cve/cve-2019-1003040/ Sandbox projection in the &ldquo;Script Security and Pipeline: Groovy Plugins&rdquo; could be circumvented through methods supporting type casts and type coercion. This allowed attackers to invoke constructors for arbitrary types. CVE-2018-2813: MySQL Missing Privilege Check https://amlw.dev/cve/cve-2018-2813/ Fri, 15 Dec 2017 00:00:00 +0000 https://amlw.dev/cve/cve-2018-2813/ Privilege escalation in MySQL server due to a missing file permission check. CVE-2016-7063: Pritunl Privilege Escalation via Path Traversal https://amlw.dev/cve/cve-2016-7063/ Tue, 23 Aug 2016 00:00:00 +0000 https://amlw.dev/cve/cve-2016-7063/ The Pritunl Client service accepted configuration data which was saved to a file. The service, running as root, would write user specified data to the user specified path, leading to privilege escalation. CVE-2016-7064: Pritunl Invalid Signature Verification https://amlw.dev/cve/cve-2016-7064/ Tue, 23 Aug 2016 00:00:00 +0000 https://amlw.dev/cve/cve-2016-7064/ The Pritunl Client did not validate VPN server certificates before initiating a VPN connection. CVE-2016-4991: Command injection in NodePDF https://amlw.dev/cve/cve-2016-4991/ Tue, 24 May 2016 00:00:00 +0000 https://amlw.dev/cve/cve-2016-4991/ NodePDF passes filenames to child_process.exec(), however, it does not properly encode all special characters. CVE-2015-5238: Stack overflow in libtre5 https://amlw.dev/cve/cve-2015-5238/ Wed, 01 Jul 2015 00:00:00 +0000 https://amlw.dev/cve/cve-2015-5238/ A buffer overflow exists in tre_parse() when parsing a literal (e.g. \x{deadbeef}), used during regular expression compilation.