Josh Sheppard

**Name of the Vulnerable Software and Affected Versions** Zepl Notebooks versions prior to October 25, 2021 **Description** A Remote Code Execution (RCE) issue exists, allowing malicious users to create new Zepl Notebooks with specially crafted malicious code, which can then launch remote code execution. This occurs after a user authenticates and creates a new organization, enabling collaboration abilities and the addition of users. The issue is exploited by creating a new notebook with malicious code. **Recommendations** For Zepl Notebooks versions prior to October 25, 2021, update to a version released after October 25, 2021, to resolve the issue. As a temporary workaround, consider restricting the creation of new notebooks and limiting collaboration abilities to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Algorithmia MSOL versions prior to October 10, 2021 **Description** A Remote Code Execution (RCE) issue exists, allowing users to launch remote code execution after authenticating and creating a specially crafted Algorithm. Users can register for an account, receive credits, and then proceed to exploit this issue. **Recommendations** For versions prior to October 10, 2021, consider disabling the ability to create new Algorithms until a fix is available, and restrict the launch of remote code execution to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Zepl Notebooks versions prior to 2021-10-25 **Description** The issue allows for a sandbox escape, enabling Remote Code Execution from the Notebook. This can lead to accessing internal Zepl assets, including cloud metadata services. **Recommendations** For Zepl Notebooks versions prior to 2021-10-25, update to a version released after 2021-10-25 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** OneShield Policy (Dragon Core) versions prior to 5.1.10 **Description** A log poisoning issue has been found, allowing authenticated remote adversaries to poison log files by entering malicious payloads in either headers or form elements, which are then executed via a client-side debugging console. This issue is dependent on the debugging console and Java Bean being accessible to the deployed application. **Recommendations** For versions prior to 5.1.10, update to version 5.1.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the debugging console and Java Bean to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OneShield Policy (Dragon Core) versions prior to 5.1.10 **Description** A persistent XSS issue has been identified, allowing remote adversaries to inject malicious JavaScript into textboxes decorated with type string. This malicious code is stored in the applicable data store and can be exploited remotely by both authenticated and unauthenticated users. **Recommendations** For versions prior to 5.1.10, update to version 5.1.10 or later to resolve the issue. As a temporary workaround, consider restricting access to textboxes that allow string input to minimize the risk of exploitation.