Kamil Dudka

**Nome do software vulnerável e versões afetadas** csmock (versões afetadas não especificadas) **Descrição** Foi identificada uma vulnerabilidade no csmock, na qual um usuário comum do serviço OSH, com um ticket Kerberos válido, pode revelar o token de autenticação confidencial do Snyk e executar comandos arbitrários nos workers do OSH. A vulnerabilidade pode ser explorada por meio de um vetor de ataque na rede local. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** curl versions prior to 7.52.1 **Description** The issue arises from an uninitialized random value in libcurl's internal function, which is used to generate nonces for Digest and NTLM authentication, boundary strings in HTTP formposts, and more. This weak or virtually non-existent random value makes the operations that use it vulnerable. The internal function was implemented poorly, overwriting the pointer instead of writing the value into the buffer the pointer pointed to. **Recommendations** For versions prior to 7.52.1, update to version 7.52.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of Digest and NTLM authentication, as well as HTTP formposts, until a patch is available.

**Name of the Vulnerable Software and Affected Versions** cURL and libcurl versions 7.40.0 through 7.42.1 **Description** The issue allows remote attackers to obtain sensitive information via unspecified vectors. This occurs when cURL and libcurl send the HTTP Basic authentication credentials for a previous connection when reusing a reset connection handle to send a request to the same host name. libcurl can wrongly send HTTP credentials when re-using connections, specifically when using the `curl easy reset()` function, which is supposed to clear the credentials but does not. This can lead to credentials being leaked in subsequent requests to the same hostname. **Recommendations** For versions 7.40.0 through 7.42.1, consider disabling the use of `curl easy reset()` until a patch is available, and avoid reusing connection handles for requests to the same hostname after authentication has been used. Restrict access to sensitive resources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.