11 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Boa is an embeddable and experimental Javascript engine written in Rust. Starting in version 0.16 and prior to version 0.19.0, a wrong assumption made when handling ECMAScript's `AsyncGenerator` operations can cause an uncaught exception on certain scripts. Boa's implementation of `AsyncGenerator` makes the assumption that the state of an `AsyncGenerator` object cannot change while resolving a promise created by methods of `AsyncGenerator` such as `%AsyncGeneratorPrototype%.next`, `%AsyncGeneratorPrototype%.return`, or `%AsyncGeneratorPrototype%.throw`. However, a carefully constructed code could trigger a state transition from a getter method for the promise's `then` property, which causes the engine to fail an assertion of this assumption, causing an uncaught exception. This could be used to create a Denial Of Service attack in applications that run arbitrary ECMAScript code provided by an external user. • https://github.com/boa-dev/boa/security/advisories/GHSA-f67q-wr6w-23jq https://github.com/tc39/ecma262/security/advisories/GHSA-g38c-wh3c-5h9r https://github.com/boa-dev/boa/commit/69ea2f52ed976934bff588d6b566bae01be313f7 • CWE-248: Uncaught Exception •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism. Las versiones 0.94.13 a 0.94.14 de Boa Web Server no validan la restricción de seguridad correcta en el método HEAD HTTP, lo que permite a todos omitir el mecanismo Basic Authorization. • https://packetstormsecurity.com/files/169962/Boa-Web-Server-0.94.13-0.94.14-Authentication-Bypass.html • CWE-863: Incorrect Authorization •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Boa 0.94.14rc21 is vulnerable to SQL Injection via username. NOTE: the is disputed by multiple third parties because Boa does not ship with any support for SQL. Boa 0.94.14rc21 es vulnerable a la inyección SQL mediante nombre de usuario. • https://gist.github.com/yinfei6/20bd1d3ebe0803c2d8756ace3e173676 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js. NOTE: multiple third parties report that this is a site-specific issue because those files are not part of Boa. Boa versión 0.94.13 permite a atacantes remotos obtener información confidencial por medio de una configuración incorrecta que involucra los archivos backup.html, preview.html, js/log.js, log.html, email.html, online-users.html y config.js • https://github.com/mdanzaruddin/CVE-2021-33558. https://github.com/anldori/CVE-2021-33558 https://github.com/mdanzaruddin/CVE-2021-33558./issues/1 https://sourceforge.net/projects/boa/files/boa/0.94.13 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls to the free function. Boa versiones hasta 0.94.14rc21, permite a atacantes remotos activar una pérdida de memoria debido a llamadas perdidas a la función free. • https://github.com/gpg/boa/pull/1 https://github.com/gpg/boa/pull/1/commits/e139b87835994d007fbd64eead6c1455d7b8cf4e • CWE-772: Missing Release of Resource after Effective Lifetime •