Vulnerabilidades

GeoServer es un servidor de software de código abierto escrito en Java que permite a los usuarios compartir y editar datos geoespaciales. GeoServer incluye soporte para el lenguaje de expresión de filtro OGC y el lenguaje de consulta común (CQL) de OGC como parte de los protocolos Web Feature Service (WFS) y Web Map Service (WMS). CQL también es compatible a través del protocolo Web Coverage Service (WCS) para coberturas de ImageMosaic. Se recomienda a los usuarios que actualicen a la versión 2.21.4 o 2.22.2 para resolver este problema. Los usuarios que no puedan actualizar deben deshabilitar la configuración *encode funciones* de PostGIS Datastore para mitigar el mal uso de ``strEndsWith``, ``strStartsWith`` y ``PropertyIsLike `` y habilitar la configuración *preparedStatements* de PostGIS DataStore para mitigar ``FeatureId` `mal uso.

Un problema de control de acceso en Axcora POS #0~gitf77ec09 permite a atacantes no autenticados ejecutar comandos arbitrarios a través de vectores no especificados.

Minio es un framework de almacenamiento de objetos Multi-Cloud. Las versiones afectadas no respetan correctamente la política "Denegar" en ByPassGoverance. Idealmente, minio debería devolver "Acceso denegado" a todos los usuarios que intenten ELIMINAR un ID de versión con el encabezado especial "X-Amz-Bypass-Governance-Retention: true". Sin embargo, esto no se cumplió; en cambio, la solicitud se aceptará y un objeto bajo control se eliminará incorrectamente. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema.

Uptime Kuma es una herramienta de monitoreo autohospedada. En versiones anteriores a la 1.20.0, el parámetro "nombre" de Uptime Kuma permite un ataque XSS persistente. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.

Uptime Kuma es una herramienta de monitoreo autohospedada. En versiones anteriores a la 1.20.0, la página de estado de Uptime Kuma permite un ataque XSS persistente. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.

*** Pendiente de traducción *** Nautobot is a Network Source of Truth and Network Automation Platform. All users of Nautobot versions earlier than 1.5.7 are impacted by a remote code execution vulnerability. Nautobot did not properly sandbox Jinja2 template rendering. In Nautobot 1.5.7 has enabled sandboxed environments for the Jinja2 template engine used internally for template rendering for the following objects: `extras.ComputedField`, `extras.CustomLink`, `extras.ExportTemplate`, `extras.Secret`, `extras.Webhook`. While no active exploits of this vulnerability are known this change has been made as a preventative measure to protect against any potential remote code execution attacks utilizing maliciously crafted template code. This change forces the Jinja2 template engine to use a `SandboxedEnvironment` on all new installations of Nautobot. This addresses any potential unsafe code execution everywhere the helper function `nautobot.utilities.utils.render_jinja2` is called. Additionally, the documentation that had previously suggesting the direct use of `jinja2.Template` has been revised to suggest `render_jinja2`. Users are advised to upgrade to Nautobot 1.5.7 or newer. For users that are unable to upgrade to the latest release of Nautobot, you may add the following setting to your `nautobot_config.py` to apply the sandbox environment enforcement: `TEMPLATES[1]["OPTIONS"]["environment"] = "jinja2.sandbox.SandboxedEnvironment"` After applying this change, you must restart all Nautobot services, including any Celery worker processes. **Note:** *Nautobot specifies two template engines by default, the first being “django” for the Django built-in template engine, and the second being “jinja” for the Jinja2 template engine. This recommended setting will update the second item in the list of template engines, which is the Jinja2 engine.* For users that are unable to immediately update their configuration such as if a Nautobot service restart is too disruptive to operations, access to provide custom Jinja2 template values may be mitigated using permissions to restrict “change” (write) actions to the affected object types listed in the first section. **Note:** *This solution is intended to be stopgap until you can successfully update your `nautobot_config.py` or upgrade your Nautobot instance to apply the sandboxed environment enforcement.*

*** Pendiente de traducción *** GeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations. Users are advised to upgrade to either version 27.4 or to 28.2 to resolve this issue. Users unable to upgrade may disable `encode functions` for PostGIS DataStores or enable `prepared statements` for JDBCDataStores as a partial mitigation.

*** Pendiente de traducción *** A vulnerability has been found in SourceCodester Best POS Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file billing/index.php?id=9. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The identifier VDB-221593 was assigned to this vulnerability.

*** Pendiente de traducción *** A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input "> leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221592.

*** Pendiente de traducción *** Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP services.

*** Pendiente de traducción *** A vulnerability was found in InSTEDD Pollit 2.3.1. It has been rated as critical. This issue affects the function TourController of the file app/controllers/tour_controller.rb. The manipulation leads to an unknown weakness. The attack may be initiated remotely. Upgrading to version 2.3.2 is able to address this issue. The patch is named 6ef04f8b5972d5f16f8b86f8b53f62fac68d5498. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-221507.

*** Pendiente de traducción *** The Japanized For WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in versions up to, and including, 2.5.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.