CVE-2022-39299 Passport-SAML is a SAML 2.0 authentication provider for Passport, the Node.js authentication library. A remote attacker may be able to bypass SAML authentication.
Passport no longer ships with a custom implementation of the `saml2` Passport extension, but `node-saml` still relies on the old extension for its SAML implementation.
CVE-2022-0030
This authentication bypass vulnerability can be exploited remotely by crafting a malicious email message or a malicious URL that is redirected to a specially crafted
CVE-2022-37614 Mocking function calls in mockery.js with the key variable.
By knowing what kinds of data are being passed to the server and what kinds of data can be returned, you can build a more
CVE-2022-42037 The d8s-asns package had a third party backdoor, democritus-csv.
The package got removed from PyPI on 18 January 2018, about a month after the issue was detected. It can be downloaded from the source
CVE-2022-41192 An attacker can cause a victim's application to crash by sending a JT file and then crashing the victim's application with the file.
The user will receive the following message: “unexpected exception in SAP ERP -3D Viewer of type java.lang.IndexOutOfBoundsException: java.lang.IndexOutOfBoundsException: Arrays are not
Episode
00:00:00
00:00:00