CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26493 – miniOrange SAML Authentication Bypass
https://notcve.org/view.php?id=CVE-2022-26493
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signature - impersonating existing users and existing roles, including administrative users/roles. This vulnerability is not mitigated by configuring the module to enforce signatures or certificate checks. Xecurify recommends updating miniOrange modules to their most recent versions. This vulnerability is present in paid versions of the miniOrange Drupal SAML SP product affecting Drupal 7, 8, and 9. • https://rafarmerjr1.github.io/2022/06/13/SAML-miniOrange.html • CWE-295: Improper Certificate Validation •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2022-29248 – Cross-domain cookie leakage in Guzzle
https://notcve.org/view.php?id=CVE-2022-29248
Guzzle is a PHP HTTP client. Guzzle prior to versions 6.5.6 and 7.4.3 contains a vulnerability with the cookie middleware. The vulnerability is that it is not checked if the cookie domain equals the domain of the server which sets the cookie via the Set-Cookie header, allowing a malicious server to set cookies for unrelated domains. The cookie middleware is disabled by default, so most library consumers will not be affected by this issue. Only those who manually add the cookie middleware to the handler stack or construct the client with ['cookies' => true] are affected. • https://github.com/guzzle/guzzle/commit/74a8602c6faec9ef74b7a9391ac82c5e65b1cdab https://github.com/guzzle/guzzle/pull/3018 https://github.com/guzzle/guzzle/security/advisories/GHSA-cwmx-hcrq-mhc3 https://www.debian.org/security/2022/dsa-5246 https://www.drupal.org/sa-core-2022-010 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-565: Reliance on Cookies without Validation and Integrity Checking •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-24775 – Improper Input Validation in guzzlehttp/psr7
https://notcve.org/view.php?id=CVE-2022-24775
guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8.4 and 2.1.1 are vulnerable to improper header parsing. An attacker could sneak in a new line character and pass untrusted values. The issue is patched in 1.8.4 and 2.1.1. There are currently no known workarounds. guzzlehttp/psr7 es una biblioteca de mensajes HTTP PSR-7. • https://github.com/guzzle/psr7/pull/485/commits/e55afaa3fc138c89adf3b55a8ba20dc60d17f1f1 https://github.com/guzzle/psr7/pull/486/commits/9a96d9db668b485361ed9de7b5bf1e54895df1dc https://github.com/guzzle/psr7/security/advisories/GHSA-q7rv-6hp3-vh96 https://www.drupal.org/sa-core-2022-006 • CWE-20: Improper Input Validation •
CVSS: 5.4EPSS: 0%CPEs: 19EXPL: 0CVE-2022-24728 – Cross-site Scripting in CKEditor4
https://notcve.org/view.php?id=CVE-2022-24728
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4 prior to version 4.18.0. The vulnerability allows someone to inject malformed HTML bypassing content sanitization, which could result in executing JavaScript code. This problem has been patched in version 4.18.0. There are currently no known workarounds. • https://ckeditor.com/cke4/release/CKEditor-4.18.0 https://github.com/ckeditor/ckeditor4/commit/d158413449692d920a778503502dcb22881bc949 https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-4fc4-4p5g-6w89 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP https://www.drupal.org/sa-core-2022-005 https://www.oracle.com/security& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0CVE-2022-24729 – Regular expression Denial of Service in dialog plugin
https://notcve.org/view.php?id=CVE-2022-24729
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds. • https://ckeditor.com/cke4/release/CKEditor-4.18.0 https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-f6rf-9m92-x2hh https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VR76VBN5GW5QUBJFHVXRX36UZ6YTCMW6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WOZGMCYDB2OKKULFXZKM6V7JJW4ZZHJP https://www.drupal.org/sa-core-2022-005 https://www.oracle.com/security-alerts/cpujul2022.html • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •