CVE-2024-23686 – DependencyCheck Debug Mode Logging of NVD API Key
https://notcve.org/view.php?id=CVE-2024-23686
DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an attacker to recover the NVD API Key from a log file.
• https://github.com/advisories/GHSA-qqhq-8r2c-c3f5
• https://github.com/jeremylong/DependencyCheck/security/advisories/GHSA-qqhq-8r2c-c3f5
• https://vulncheck.com/advisories/vc-advisory-GHSA-qqhq-8r2c-c3f5
• CWE-532: Insertion of Sensitive Information into Log File
CVE-2023-38199
https://notcve.org/view.php?id=CVE-2023-38199
coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and the backend application. This occurs when the web application relies on only the last Content-Type header. Other platforms may reject the additional Content-Type header or merge conflicting headers, leading to detection as a malformed header.
• https://github.com/coreruleset/coreruleset/issues/3191
• https://github.com/coreruleset/coreruleset/pull/3237
• CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2021-4247 – OWASP NodeGoat Query Parameter research.js denial of service
https://notcve.org/view.php?id=CVE-2021-4247
A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the patch is 4a4d1db74c63fb4ff8d366551c3af006c25ead12.
• https://github.com/OWASP/NodeGoat/commit/4a4d1db74c63fb4ff8d366551c3af006c25ead12
• https://github.com/OWASP/NodeGoat/issues/225
• https://vuldb.com/?id.216184
• CWE-404: Improper Resource Shutdown or Release
CVE-2022-39351 – Dependency-Track vulnerable to logging of API keys in clear text when handling API requests using keys with insufficient permissions
https://notcve.org/view.php?id=CVE-2022-39351
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.6.0, performing an API request using a valid API key with insufficient permissions causes the API key to be written to Dependency-Track's audit log in clear text. Actors with access to the audit log can exploit this flaw to gain access to valid API keys. The issue has been fixed in Dependency-Track 4.6.0. Instead of logging the entire API key, only the last 4 characters of the key will be logged.
• https://docs.dependencytrack.org/changelog
• https://github.com/DependencyTrack/dependency-track/blob/4.5.0/src/main/docker/logback.xml
• https://github.com/DependencyTrack/dependency-track/security/advisories/GHSA-gh7v-4hxp-gqp4
• CWE-312: Cleartext Storage of Sensitive Information
CVE-2022-39350 – @dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details
https://notcve.org/view.php?id=CVE-2022-39350
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Due to the common practice of providing vulnerability details in markdown format, the Dependency-Track frontend renders them using the JavaScript library Showdown. Showdown does not have any XSS countermeasures built in, and versions before 4.6.1 of the Dependency-Track frontend did not encode or sanitize Showdown's output. This made it possible for arbitrary JavaScript included in vulnerability details via HTML attributes to be executed in the context of the frontend. Actors with the `VULNERABILITY_MANAGEMENT` permission can exploit this weakness by creating or editing a custom vulnerability and providing XSS payloads in any of the following fields: Description, Details, Recommendation, or References.
• https://docs.dependencytrack.org/changelog
• https://github.com/DependencyTrack/frontend/security/advisories/GHSA-c33w-pm52-mqvf
• https://github.com/showdownjs/showdown/wiki/Markdown%27s-XSS-Vulnerability-%28and-how-to-mitigate-it%29
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')