Mik317

**Name of the Vulnerable Software and Affected Versions** SimbCo httpster (affected versions not specified) **Description** A critical vulnerability was found in SimbCo httpster, affecting the `fs.realpathSync` function of the file `src/server.coffee`. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** launchpad versions all **Description** The issue concerns Command Injection via the stop function. **Recommendations** For all versions, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** logkitty versions prior to 0.7.1 **Description** The issue is related to a lack of output sanitization, which allowed an attack to execute arbitrary shell commands via the logkitty npm package. **Recommendations** For versions prior to 0.7.1, update to version 0.7.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Pivotal Concourse versions prior to 6.0.0 **Description** The issue allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an untrusted website and gain access to that user's access token in Concourse. **Recommendations** For versions prior to 6.0.0, update to version 6.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the OAuth redirect link to trusted websites only. Avoid using untrusted websites with the OAuth redirect link until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** OAuth2 Proxy versions prior to 5.1.1 **Description** The issue is related to an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This redirect URL is checked within the proxy and validated before redirecting the user to prevent malicious actors providing redirects to potentially harmful sites. However, by crafting a redirect URL with HTML encoded whitespace characters, the validation could be bypassed and allow a redirect to any URL provided. **Recommendations** For OAuth2 Proxy versions prior to 5.1.1, update to version 5.1.1 to resolve the issue. As a temporary workaround, consider validating redirect URLs more strictly to prevent bypassing the validation. Restrict access to the `IsValidRedirect` function to minimize the risk of exploitation. Avoid using HTML encoded whitespace characters in redirect URLs until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Blamer versions prior to 1.0.1 **Description** The issue allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer. **Recommendations** For versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting the arguments provided to blamer to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** treekill (affected versions not specified) tree-kill (affected versions not specified) **Description** A Code Injection issue exists in treekill and tree-kill on Windows, allowing remote code execution when an attacker controls the input into the command. This can be exploited by creating a Proof of Concept (PoC) file that utilizes the `treekill` module to execute malicious commands. **Recommendations** For treekill, consider disabling the `kill` function until a patch is available. For tree-kill, restrict access to the module to minimize the risk of exploitation. Avoid using the `treekill` module in sensitive environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Buildbot versions prior to 1.8.1 **Description** The issue allows CRLF injection in the Location header of "/auth/login" and "/auth/logout" API endpoints via the `redirect` parameter. This affects other web sites in the same domain. **Recommendations** For versions prior to 1.8.1, update to version 1.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `/auth/login` and `/auth/logout` API endpoints to minimize the risk of exploitation. Avoid using the `redirect` parameter in these endpoints until the issue is resolved.