CVE-2022-37767
https://notcve.org/view.php?id=CVE-2022-37767
Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. • https://github.com/PebbleTemplates/pebble/issues/625#issuecomment-1282138635 https://github.com/Y4tacker/Web-Security/issues/3 • CWE-863: Incorrect Authorization
CVE-2022-36100 – XWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection
https://notcve.org/view.php?id=CVE-2022-36100
XWiki Platform Applications Tag and XWiki Platform Tag UI are tag applications for XWiki, a generic wiki platform. Starting with version 1.7 in XWiki Platform Applications Tag and prior to 13.10.6 and 14.4 in XWiki Platform Tag UI, the tags document `Main.Tags` in XWiki didn't sanitize user inputs properly. This allowed users with view rights on the document (default in a public wiki or for authenticated users on private wikis) to execute arbitrary Groovy, Python and Velocity code with programming rights. This also allowed bypassing all rights checks and thus both modification and disclosure of all content stored in the XWiki installation. The vulnerability could be used to impact the availability of the wiki. • https://github.com/xwiki/xwiki-platform/commit/604868033ebd191cf2d1e94db336f0c4d9096427 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-2g5c-228j-p52x https://jira.xwiki.org/browse/XWIKI-19747 • CWE-94: Improper Control of Generation of Code ('Code Injection'); CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'); CWE-116: Improper Encoding or Escaping of Output
CVE-2022-36099 – XWiki Platform Wiki UI Main Wiki Eval Injection vulnerability
https://notcve.org/view.php?id=CVE-2022-36099
XWiki Platform Wiki UI Main Wiki is software for managing subwikis on XWiki Platform, a generic wiki platform. Starting with version 5.3-milestone-2 and prior to versions 13.10.6 and 14.4, it's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity script macros via the request (URL parameter) using the `XWikiServerClassSheet` if the user has view access to this sheet and another page that has been saved with programming rights, a standard condition on a public read-only XWiki installation or a private XWiki installation where the user has an account. This allows arbitrary Groovy/Python/Velocity code execution which allows bypassing all rights checks and thus both modification and disclosure of all content stored in the XWiki installation. Also, this could be used to impact the availability of the wiki. This has been patched in versions 13.10.6 and 14.4. • https://github.com/xwiki/xwiki-platform/commit/fc77f9f53bc65a4a9bfae3d5686615309c0c76cc https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xr6m-2p4m-jvqf https://jira.xwiki.org/browse/XWIKI-19746 • CWE-94: Improper Control of Generation of Code ('Code Injection'); CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'); CWE-116: Improper Encoding or Escaping of Output
CVE-2022-36069 – Poetry Argument Injection vulnerability can lead to local Code Execution
https://notcve.org/view.php?id=CVE-2022-36069
Poetry is a dependency manager for Python. When handling dependencies that come from a Git repository instead of a registry, Poetry uses various commands, such as `git clone`. These commands are constructed using user input (e.g. the repository URL). When building the commands, Poetry correctly avoids Command Injection vulnerabilities by passing an array of arguments instead of a command string. However, there is the possibility that a user input starts with a dash (`-`) and is therefore treated as an optional argument instead of a positional one. • https://github.com/python-poetry/poetry/releases/tag/1.1.9 https://github.com/python-poetry/poetry/releases/tag/1.2.0b1 https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw https://www.sonarsource.com/blog/securing-developer-tools-package-managers • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection'); CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2022-36070 – Poetry's Untrusted Search Path can lead to Local Code Execution on Windows
https://notcve.org/view.php?id=CVE-2022-36070
This vulnerability can lead to Arbitrary Code Execution, which would lead to the takeover of the system. • https://github.com/python-poetry/poetry/releases/tag/1.1.9 https://github.com/python-poetry/poetry/releases/tag/1.2.0b1 https://github.com/python-poetry/poetry/security/advisories/GHSA-j4j9-7hg9-97g6 • CWE-426: Untrusted Search Path