Security Headlines

Source: ghsa
GHSA-hmqg-p8f8-3qrw: Out-of-bounds Read in fast-string-search

All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory.

GHSA-rh9j-f5f8-rvgc: Authentication bypass vulnerability in Apple Game Center auth adapter

### Impact

The certificate in the Apple Game Center auth adapter is not validated. As a result, authentication could potentially be bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object.

### Patches

To prevent this, a new `rootCertificateUrl` property is introduced to the Parse Server Apple Game Center auth adapter which takes the URL to the root certificate of Apple's Game Center authentication certificate. If no value is set, the `rootCertificateUrl` property defaults to the URL of the [current root certificate](https://developer.apple.com/news/?id=stttq465) as of May 27, 2022. Keep in mind that the root certificate can change at any time (expected to be announced by Apple) and that it is the developer's responsibility to keep the root certificate URL up-to-date when using the Parse Server Apple Game Center auth adapter.

### Workarounds

None.

### References

- https://github.com/parse-community/parse-ser...
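The patch described above amounts to pinning a trust anchor: whichever URL the authData names, the certificate fetched from it must chain to the configured root. The Go program below is an added example, not Parse Server's adapter code (which is JavaScript). It builds throwaway root and leaf certificates in memory so it runs offline, and shows that a host-suffix check on the URL alone admits a file an attacker manages to host under an allowed domain, while the chain check against the pinned root does not. The certificate names, the hostnames and the helper names (`publicKeyURLAllowed`, `chainsToPinnedRoot`) are all constructed for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net/url"
	"strings"
	"time"
)

// makeCert issues a certificate from tmpl. With parent == nil it is self-signed
// (a root); otherwise it is signed by parentKey on behalf of parent.
func makeCert(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	signer := parentKey
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, nil, err
	}
	return cert, key, nil
}

// newTemplate builds a throwaway certificate template (constructed test data).
func newTemplate(cn string, serial int64, isCA bool) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	if isCA {
		t.IsCA, t.BasicConstraintsValid = true, true
		t.KeyUsage |= x509.KeyUsageCertSign
	}
	return t
}

// publicKeyURLAllowed is a domain allowlist on the certificate URL. On its own it
// is insufficient: anyone who can place a file under an allowed host passes it.
func publicKeyURLAllowed(raw string) bool {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "https" {
		return false
	}
	h := strings.ToLower(u.Hostname())
	return h == "apple.com" || strings.HasSuffix(h, ".apple.com")
}

// chainsToPinnedRoot is the check the patch adds: the fetched certificate must
// verify against the configured root, regardless of which host served it.
func chainsToPinnedRoot(leaf, root *x509.Certificate) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
	})
	return err
}

// scenario builds a pinned root with a genuine leaf, plus an attacker's own root
// with a leaf copying the genuine subject name, and applies the pinned check to both.
func scenario() (genuineOK, fakeOK bool, err error) {
	pinned, pinnedKey, err := makeCert(newTemplate("Pinned Root (constructed)", 1, true), nil, nil)
	if err != nil {
		return false, false, err
	}
	genuine, _, err := makeCert(newTemplate("Signer (constructed)", 2, false), pinned, pinnedKey)
	if err != nil {
		return false, false, err
	}
	evilRoot, evilKey, err := makeCert(newTemplate("Attacker Root (constructed)", 3, true), nil, nil)
	if err != nil {
		return false, false, err
	}
	fake, _, err := makeCert(newTemplate("Signer (constructed)", 4, false), evilRoot, evilKey)
	if err != nil {
		return false, false, err
	}
	return chainsToPinnedRoot(genuine, pinned) == nil, chainsToPinnedRoot(fake, pinned) == nil, nil
}

func main() {
	genuineOK, fakeOK, err := scenario()
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine leaf accepted:", genuineOK, "| fake leaf accepted:", fakeOK)
	fmt.Println("URL allowlist alone accepts attacker-hosted file:", publicKeyURLAllowed("https://some-host.apple.com/cert.cer"))
}
```

The operational caveat from the advisory carries over: the pinned root is only as good as the URL it is loaded from, so the `rootCertificateUrl` value needs to be tracked when Apple rotates the root.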

GHSA-85q9-7467-r53q: XSS Vulnerability in Markdown Editor

### Impact

InvenTree uses [EasyMDE](https://github.com/Ionaru/easy-markdown-editor) for displaying markdown text in various places (e.g. for the various "notes" fields associated with various models). By default, EasyMDE does not sanitize input data, and it is possible for malicious code to be injected into the markdown editor and executed in the user's browser.

*Note: This malicious data must first be uploaded to the database by an authorized user, so the risk here is limited to trusted users.*

### Solution

The solution here is two-fold:

- Enable data sanitization for the EasyMDE renderer - [#3205](https://github.com/inventree/InvenTree/pull/3205)
- Enforce cleaning of all data uploaded to the database via the API - [#3204](https://github.com/inventree/InvenTree/pull/3204)

*(This will be ready for the 0.8.0 release)*

### Patches

- The issue is addressed in the upcoming 0.8.0 release
- This fix will also be back-ported to the 0.7.x branch, applied to the 0.7.3 release

### Worka...

GHSA-gvxv-p9rv-gmcg: Cross-Site Scripting

The extension fails to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit the vulnerability.

GHSA-374w-gwqr-fmxg: Cross-Site Scripting

The extension fails to properly encode user input for output in HTML context. A TYPO3 backend user account is required to exploit the vulnerability.
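Both TYPO3 entries above describe the same defect: a value a backend user controls is written into HTML without encoding for the context it lands in. The Go program below is an added example, not TYPO3 or extension code: it renders one constructed fragment with three insertion contexts (element text, a quoted attribute, a URL attribute) first with `text/template`, which substitutes values verbatim and reproduces the bug class, then with `html/template`, which picks the escaper that matches each context. The fragment, the `record` type and the payload strings are constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	htmltemplate "html/template"
	texttemplate "text/template"
)

// Constructed fragment with three output contexts: element text, a quoted
// attribute value and a URL attribute.
const fragment = `<p>{{.Title}}</p><a title="{{.Title}}" href="{{.Link}}">link</a>`

// record stands in for a row whose fields a backend user can edit.
type record struct {
	Title string
	Link  string
}

// renderVerbatim reproduces the bug class: text/template has no notion of HTML,
// so whatever the user stored is copied straight into the page.
func renderVerbatim(r record) (string, error) {
	t, err := texttemplate.New("fragment").Parse(fragment)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, r); err != nil {
		return "", err
	}
	return buf.String(), nil
}

// renderEncoded is the fix: html/template parses the template as HTML and
// escapes each value for the context it is inserted into. Text and attribute
// values get HTML entity encoding; a URL attribute with a javascript: scheme is
// replaced by html/template's "#ZgotmplZ" marker.
func renderEncoded(r record) (string, error) {
	t, err := htmltemplate.New("fragment").Parse(fragment)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, r); err != nil {
		return "", err
	}
	return buf.String(), nil
}

func main() {
	// Constructed payload that would break out of all three contexts.
	hostile := record{
		Title: `<script>alert(1)</script>" onmouseover="alert(2)`,
		Link:  "javascript:alert(3)",
	}
	raw, _ := renderVerbatim(hostile)
	enc, _ := renderEncoded(hostile)
	fmt.Println("verbatim:", raw)
	fmt.Println("encoded: ", enc)
}
```

The practitioner's check is the same in any stack: find every place a stored value reaches a template and confirm the renderer applies encoding for the specific context (text, attribute, URL, JavaScript), not a single generic escape.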

GHSA-r7pq-3x6p-7jcm: Memory Allocation with Excessive Size Value in OPCFoundation.NetStandard.Opc.Ua

A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to cause a server to trigger an out of memory exception with a carefully crafted message.

GHSA-vhfw-v69p-crcw: Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua

A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to cause a server to trigger an out of memory exception by sending a large number of message chunks.
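The two entries above are the two classic resource-exhaustion points in a chunked transport: trusting the size a peer declares for a single chunk (allocate first, validate later), and accepting an unbounded number of chunks for one message. The Go program below is an added example and not the OPC Foundation .NET stack's code. It reads UA TCP chunks using the header layout from OPC UA Part 6 (3-byte message type, 1-byte IsFinal of `C`, `F` or `A`, 4-byte little-endian MessageSize that includes the header) and enforces limits corresponding to the Hello/Acknowledge parameters ReceiveBufferSize, MaxMessageSize and MaxChunkCount before allocating or appending. The chunk bodies are treated as opaque (a real MSG chunk carries SecureChannelId and security headers after the 8 bytes), and the limit values and sample streams are constructed for the example.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// UA TCP chunk header: MessageType (3 bytes), IsFinal ('C', 'F' or 'A'),
// MessageSize (UInt32 little-endian, counts the header too).
const headerLen = 8

// Limits are the values a server takes from the Hello/Acknowledge negotiation.
type Limits struct {
	ReceiveBufferSize uint32 // largest single chunk the server agrees to buffer
	MaxMessageSize    uint32 // largest reassembled message
	MaxChunkCount     uint32 // most chunks one message may span (must be > 0 here)
}

var (
	ErrBadSize         = errors.New("declared MessageSize below header length or above ReceiveBufferSize")
	ErrBadChunkType    = errors.New("unknown IsFinal value")
	ErrAborted         = errors.New("peer aborted the message")
	ErrTooManyChunks   = errors.New("chunk count exceeds MaxChunkCount")
	ErrMessageTooLarge = errors.New("reassembled size exceeds MaxMessageSize")
)

// readChunk reads one chunk. The declared size is checked against the negotiated
// buffer size before any buffer of that size exists, which is the point where an
// "allocate then validate" implementation runs out of memory on a forged header.
func readChunk(rd io.Reader, lim Limits) (msgType string, isFinal byte, body []byte, err error) {
	var hdr [headerLen]byte
	if _, err = io.ReadFull(rd, hdr[:]); err != nil {
		return "", 0, nil, err
	}
	size := binary.LittleEndian.Uint32(hdr[4:8])
	if size < headerLen || size > lim.ReceiveBufferSize {
		return "", 0, nil, ErrBadSize
	}
	body = make([]byte, size-headerLen) // bounded by ReceiveBufferSize
	if _, err = io.ReadFull(rd, body); err != nil {
		return "", 0, nil, err
	}
	return string(hdr[0:3]), hdr[3], body, nil
}

// ReadMessage reassembles one message from its chunks, enforcing the chunk-count
// and total-size limits on every chunk rather than only on the final one.
func ReadMessage(rd io.Reader, lim Limits) ([]byte, error) {
	var msg []byte
	chunks := uint32(0)
	for {
		_, isFinal, body, err := readChunk(rd, lim) // a full stack dispatches on msgType
		if err != nil {
			return nil, err
		}
		switch isFinal {
		case 'A':
			return nil, ErrAborted
		case 'C', 'F':
		default:
			return nil, ErrBadChunkType
		}
		chunks++
		if chunks > lim.MaxChunkCount {
			return nil, ErrTooManyChunks
		}
		if uint64(len(msg))+uint64(len(body)) > uint64(lim.MaxMessageSize) {
			return nil, ErrMessageTooLarge
		}
		msg = append(msg, body...)
		if isFinal == 'F' {
			return msg, nil
		}
	}
}

// encodeChunk builds a MSG chunk; declared == 0 means "use the honest size",
// any other value forges the header (constructed attacker input).
func encodeChunk(isFinal byte, body []byte, declared uint32) []byte {
	if declared == 0 {
		declared = uint32(headerLen + len(body))
	}
	out := make([]byte, headerLen, headerLen+len(body))
	copy(out[0:3], "MSG")
	out[3] = isFinal
	binary.LittleEndian.PutUint32(out[4:8], declared)
	return append(out, body...)
}

func main() {
	lim := Limits{ReceiveBufferSize: 64, MaxMessageSize: 256, MaxChunkCount: 4}
	honest := append(encodeChunk('C', []byte("hello, "), 0), encodeChunk('F', []byte("opc ua"), 0)...)
	msg, err := ReadMessage(bytes.NewReader(honest), lim)
	fmt.Printf("honest stream: %q %v\n", msg, err)

	// Forged header claiming a 4 GiB chunk: rejected before allocation.
	_, err = ReadMessage(bytes.NewReader(encodeChunk('C', nil, 0xFFFFFFFF)), lim)
	fmt.Println("forged size:", err)

	// Endless intermediate chunks: rejected once MaxChunkCount is exceeded.
	var flood []byte
	for i := 0; i < 10; i++ {
		flood = append(flood, encodeChunk('C', []byte("x"), 0)...)
	}
	_, err = ReadMessage(bytes.NewReader(flood), lim)
	fmt.Println("chunk flood:", err)
}
```

When reviewing a transport implementation for this bug class, look for the allocation that uses a peer-supplied length and confirm the bound check precedes it, and look for the reassembly loop and confirm both the count and the accumulated length are checked on every iteration.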

GHSA-fvxf-r9fw-49pc: Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua

A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client or server to bypass the application authentication mechanism and allow a connection to an untrusted peer.

GHSA-6fp8-cxc9-4fr9: Uncontrolled Resource Consumption in OPCFoundation.NetStandard.Opc.Ua

A vulnerability was discovered in the OPC UA .NET Standard Stack that allows a malicious client to trigger a stack overflow exception in a server that exposes an HTTPS endpoint.

GHSA-5q2v-6j86-5h9v: Security Update for the OPC UA .NET Standard Stack

A vulnerability was discovered in OPC UA .NET Standard Stack that allows a malicious client or server to cause a peer to hang with a carefully crafted message sent during secure channel creation.