Iarce-Qb

Name of the Vulnerable Software and Affected Versions: liboqs versions prior to 0.12.0 Description: A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism in liboqs, a C-language cryptographic library. The error is due to an indexing issue, causing part of the secret key to be incorrectly treated as non-secret data. This results in an incorrect shared secret value being returned when the decapsulation function is called with a malformed ciphertext. Recommendations: For versions prior to 0.12.0, update to version 0.12.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** @strapi/plugin-users-permissions versions prior to 4.24.2 **Description** The issue arises from combining two vulnerabilities in @strapi/plugin-users-permissions: an Open Redirect and a session token sent as a URL query parameter. This allows an unauthenticated attacker to bypass authentication mechanisms and retrieve third-party tokens. The attack requires user interaction, specifically one click. By exploiting these vulnerabilities, attackers can leverage them to obtain a third-party token and bypass the authentication of Strapi apps. Technical details: - **API Endpoints:** The vulnerable endpoint is `/api/connect/microsoft`, where the `callback` parameter can be manipulated. - **Vulnerable Parameters or Variables:** The `callback` parameter in the URL query is vulnerable, allowing an attacker to redirect users to an arbitrary external domain. - **Function Names:** The `callback` function in the `auth.js` file is involved in the vulnerability. **Recommendations** - Upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive a patch. - As a temporary workaround, consider restricting access to the `/api/connect/microsoft` endpoint to minimize the risk of exploitation. - Avoid using the `callback` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** GLPI versions prior to 10.0.13 **Description** GLPI is a Free Asset and IT Management Software package that includes features such as data center management, ITIL Service Desk, licenses tracking, and software auditing. An authenticated user can execute a Server-Side Request Forgery (SSRF) based attack using Arbitrary Object Instantiation. **Recommendations** For versions prior to 10.0.13, update to version 10.0.13 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** GLPI versions prior to 10.0.13 **Description** The issue is related to a SQL injection vulnerability in the search engine of GLPI, a Free Asset and IT Management Software package. An authenticated user can exploit this vulnerability to extract data from the database. **Recommendations** For versions prior to 10.0.13, update to version 10.0.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the search engine until a patch is applied.