Dominic Couture

**Name of the Vulnerable Software and Affected Versions** Ruby URI component versions prior to 0.12.1 Ruby URI component versions prior to 0.11.1 Ruby URI component versions prior to 0.10.2 Ruby URI component version 0.10.0 **Description** The issue is related to the incorrect implementation of handling invalid URLs in the Ruby URI component. This allows a remote attacker to cause a denial of service by exploiting the ReDoS vulnerability, which causes an increase in execution time for parsing strings to URI objects when encountering specific characters in invalid URLs. **Recommendations** For Ruby URI component versions prior to 0.12.1, update to version 0.12.1 or later. For Ruby URI component versions prior to 0.11.1, update to version 0.11.1 or later. For Ruby URI component versions prior to 0.10.2, update to version 0.10.2 or later. For Ruby URI component version 0.10.0, update to version 0.10.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions prior to 14.3.6 GitLab CE/EE versions 14.4.0 through 14.4.3 GitLab CE/EE versions 14.5.0 through 14.5.1 **Description** An issue has been discovered in GitLab CE/EE that allows unprivileged users to add other users to groups through the GitLab REST API under certain conditions, even if this action is not possible through the Web UI. **Recommendations** For versions prior to 14.3.6, update to version 14.3.6 or later. For versions 14.4.0 through 14.4.3, update to version 14.4.4 or later. For versions 14.5.0 through 14.5.1, update to version 14.5.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab CE/EE versions 8.15 through 14.3.6 GitLab CE/EE versions 14.4 through 14.4.4 GitLab CE/EE versions 14.5 through 14.5.2 **Description** A vulnerable regular expression pattern in GitLab CE/EE allows an attacker to cause uncontrolled resource consumption leading to Denial of Service via specially crafted deploy Slash commands. **Recommendations** For versions 8.15 through 14.3.6, update to version 14.3.6 or later to resolve the issue. For versions 14.4 through 14.4.4, update to version 14.4.4 or later to resolve the issue. For versions 14.5 through 14.5.2, update to version 14.5.2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Kibana (affected versions not specified) Description: A security issue was found in Kibana where it failed to validate user-supplied paths on Windows operating systems, allowing malicious users to load internal files with the .pbf extension by arbitrarily traversing the Kibana host. This was discovered by Dominic Couture. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mahara versions prior to 20.04.5 Mahara versions prior to 20.10.3 Mahara versions prior to 21.04.2 Mahara versions prior to 21.10.0 **Description** The issue allows attackers to bypass the intended access control for HTML files via directory traversal by adjusting the path component for the page help file. This is achieved by replacing the `-` character with the `/` character, enabling unauthorized access. **Recommendations** For versions prior to 20.04.5, update to version 20.04.5 or later. For versions prior to 20.10.3, update to version 20.10.3 or later. For versions prior to 21.04.2, update to version 21.04.2 or later. For versions prior to 21.10.0, update to version 21.10.0 or later.

**Name of the Vulnerable Software and Affected Versions** Mahara versions prior to 20.04.5 Mahara versions prior to 20.10.3 Mahara versions prior to 21.04.2 Mahara versions prior to 21.10.0 **Description** The issue allows certain tag syntax to be used for XSS, such as via a `SCRIPT` element. This can be exploited to execute malicious scripts. **Recommendations** For versions prior to 20.04.5, update to version 20.04.5 or later. For versions prior to 20.10.3, update to version 20.10.3 or later. For versions prior to 21.04.2, update to version 21.04.2 or later. For versions prior to 21.10.0, update to version 21.10.0 or later.

**Name of the Vulnerable Software and Affected Versions** Mahara versions prior to 20.04.5 Mahara versions prior to 20.10.4 Mahara versions prior to 21.04.3 Mahara versions prior to 21.10.1 **Description** The issue allows code execution via shell metacharacters in a collection name when exporting collections via PDF export. **Recommendations** For versions prior to 20.04.5, update to version 20.04.5 or later. For versions prior to 20.10.4, update to version 20.10.4 or later. For versions prior to 21.04.3, update to version 21.04.3 or later. For versions prior to 21.10.1, update to version 21.10.1 or later.

Name of the Vulnerable Software and Affected Versions: Kibana versions prior to 7.12.1 Description: A denial of service issue was found in the webhook actions due to a lack of timeout or a limit on the request size. An attacker with permissions to create webhook actions could drain the Kibana host connection pool, making Kibana unavailable for all other users. Recommendations: For versions prior to 7.12.1, update to version 7.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to create webhook actions to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Elastic App Search versions after 7.11.0 and before 7.12.0 Description: The issue is an XML External Entity Injection (XXE) problem in the App Search web crawler beta feature. An attacker can exploit this by crafting a malicious sitemap.xml file, allowing them to traverse the filesystem of the host running the instance and obtain sensitive files. Recommendations: For Elastic App Search versions after 7.11.0 and before 7.12.0, consider disabling the App Search web crawler beta feature until a patch is available to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** GitLab EE versions 8.12 through 13.3.8 GitLab EE versions 13.4 through 13.4.4 GitLab EE versions 13.5 through 13.5.1 **Description** An issue has been discovered in GitLab EE where a regular expression related to a file path resulted in the Advanced Search feature being susceptible to catastrophic backtracking. **Recommendations** For versions 8.12 through 13.3.8, update to version 13.3.9 or later. For versions 13.4 through 13.4.4, update to version 13.4.5 or later. For versions 13.5 through 13.5.1, update to version 13.5.2 or later.