This repository has been archived by the owner on Oct 16, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added shortcode to iterate through CVEX directory and add links to ho…
…me page
- Loading branch information
1 parent
931e6d3
commit 886cc65
Showing
17 changed files
with
438 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| --- | ||
| title: CVEX-2023-28155 | ||
| description: The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer. | ||
| layout: single | ||
| date: 2024-05-27T15:34:00-07:00 | ||
| draft: true | ||
| weight: 50 | ||
| url: /CVEX-2023-28155/ | ||
| --- | ||
|
|
||
| Description goes here. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| --- | ||
| title: CVEX-2023-31419 | ||
| description: A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service. | ||
| layout: single | ||
| date: 2024-05-27T15:34:00-07:00 | ||
| draft: true | ||
| weight: 50 | ||
| url: /CVEX-2023-31419/ | ||
| --- | ||
|
|
||
| Description goes here. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -4,4 +4,4 @@ description: A Collection of our Completed CVEXes | |
| layout: single | ||
| --- | ||
|
|
||
| CVEXes go here. | ||
| {{< CVEX-links >}} | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,100 @@ | ||
| <!DOCTYPE html> | ||
| <html lang="en"> | ||
| <head><script src="/livereload.js?mindelay=10&v=2&port=1313&path=livereload" data-no-instant defer></script> | ||
| <title>CVEX-2023-28155 :: CVEX</title> | ||
| <meta http-equiv="content-type" content="text/html; charset=utf-8" /> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1.0" /> | ||
| <meta name="description" content="The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer." /> | ||
| <meta name="keywords" content="" /> | ||
| <meta name="robots" content="noodp" /> | ||
| <link rel="canonical" href="http://localhost:1313/CVEX-2023-28155/" /> | ||
| <meta property="og:locale" content="en" /> | ||
| <meta property="og:title" content="CVEX-2023-28155 :: CVEX" /> | ||
| <meta property="og:description" content="The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer." /> | ||
| <meta property="og:type" content="article" /> | ||
| <meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" /> | ||
| <meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" /> | ||
| <meta property="article:author" content="CVEX" /> | ||
| <meta property="og:url" content="http://localhost:1313/CVEX-2023-28155/" /> | ||
| <meta property="og:site_name" content="CVEX" /> | ||
| <meta property="og:image" content="" /> | ||
| <meta property="og:image:width" content="2048" /> | ||
| <meta property="og:image:height" content="1024" /> | ||
|
|
||
|
|
||
|
|
||
| <link rel="shortcut icon" href="" /> | ||
| <link rel="preconnect" href="https://fonts.googleapis.com" /> | ||
| <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin /> | ||
| <link | ||
| href="https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&family=Roboto+Slab:wght@300;400;500&family=Ubuntu+Mono:ital@0;1&display=swap" | ||
| rel="stylesheet" | ||
| /> | ||
| <link href="/CVEX-2023-28155/" rel="alternate" type="application/rss+xml" title="CVEX" /> | ||
| <link rel="stylesheet" href="http://localhost:1313/styles.css" /> | ||
| </head> | ||
|
|
||
| <body> | ||
| <div class="theme-container"> | ||
| <div class="container"> | ||
| <header class="site-header"> | ||
| <nav class="navbar"> | ||
| <div class="navbar__first"> | ||
| <ul class="navbar__list borders"> | ||
| <li><a href="http://localhost:1313/">Home</a></li> | ||
| <li> | ||
| <button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg"> | ||
| <path | ||
| d="M22 41C32.4934 41 41 32.4934 41 22C41 11.5066 32.4934 3 22 | ||
| 3C11.5066 3 3 11.5066 3 22C3 32.4934 11.5066 41 22 41ZM7 22C7 | ||
| 13.7157 13.7157 7 22 7V37C13.7157 37 7 30.2843 7 22Z" | ||
| /> | ||
| </svg> | ||
| </button> | ||
| </li> | ||
| </ul> | ||
| </div> | ||
| <div class="navbar__separator"></div> | ||
| </nav> | ||
| </header> | ||
| <main class="site-main"><article class="post"> | ||
| <header class="post-header"> | ||
| <h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-28155/">CVEX-2023-28155</a></h1> | ||
| <div class="post-meta"> | ||
| <time pubdate datetime="2024-05-27 15:34:00 PDT"> | ||
| Published on | ||
| 2024-05-27 15:34:00 PDT | ||
| </time> | ||
| <time pubdate datetime="2024-05-27 15:34:00 PDT"> last modified 2024-05-27 15:34:00 PDT. </time> | ||
| </div> | ||
| <p class="post-description">The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.</p> | ||
| </header> | ||
| <div class="post-content"> | ||
| <p>Description goes here.</p> | ||
|
|
||
| </div> | ||
|
|
||
|
|
||
| <footer class="post-footer"> | ||
| </footer> | ||
| </article> | ||
| </main> | ||
| <footer class="site-footer"> | ||
| <p class="buildinfo"> | ||
| <time datetime="2024-05-27 18:13:21 PDT">Site built on: 2024-05-27 18:13:21 PDT</time> | ||
| </p> | ||
| <div class="copyright"> | ||
| <p></p> | ||
| <nav class="navbar"> | ||
| <ul class="navbar__list"> | ||
| <li><a href="http://localhost:1313/posts/index.xml">RSS</a></li> | ||
| <li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li> | ||
| </ul> | ||
| </nav> | ||
| </div> | ||
| <p class="themeinfo">Powered by <a href="https://gohugo.io">Hugo</a>, using theme <a href="https://manid2.github.io/hugo-xterm/">Hugo Xterm</a>.</p> | ||
| </footer> | ||
| </div> | ||
| </div><script type="text/javascript" src="/bundle.js"></script> | ||
| </body> | ||
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,100 @@ | ||
| <!DOCTYPE html> | ||
| <html lang="en"> | ||
| <head><script src="/livereload.js?mindelay=10&v=2&port=1313&path=livereload" data-no-instant defer></script> | ||
| <title>CVEX-2023-31419 :: CVEX</title> | ||
| <meta http-equiv="content-type" content="text/html; charset=utf-8" /> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1.0" /> | ||
| <meta name="description" content="A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service." /> | ||
| <meta name="keywords" content="" /> | ||
| <meta name="robots" content="noodp" /> | ||
| <link rel="canonical" href="http://localhost:1313/CVEX-2023-31419/" /> | ||
| <meta property="og:locale" content="en" /> | ||
| <meta property="og:title" content="CVEX-2023-31419 :: CVEX" /> | ||
| <meta property="og:description" content="A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service." /> | ||
| <meta property="og:type" content="article" /> | ||
| <meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" /> | ||
| <meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" /> | ||
| <meta property="article:author" content="CVEX" /> | ||
| <meta property="og:url" content="http://localhost:1313/CVEX-2023-31419/" /> | ||
| <meta property="og:site_name" content="CVEX" /> | ||
| <meta property="og:image" content="" /> | ||
| <meta property="og:image:width" content="2048" /> | ||
| <meta property="og:image:height" content="1024" /> | ||
|
|
||
|
|
||
|
|
||
| <link rel="shortcut icon" href="" /> | ||
| <link rel="preconnect" href="https://fonts.googleapis.com" /> | ||
| <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin /> | ||
| <link | ||
| href="https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&family=Roboto+Slab:wght@300;400;500&family=Ubuntu+Mono:ital@0;1&display=swap" | ||
| rel="stylesheet" | ||
| /> | ||
| <link href="/CVEX-2023-31419/" rel="alternate" type="application/rss+xml" title="CVEX" /> | ||
| <link rel="stylesheet" href="http://localhost:1313/styles.css" /> | ||
| </head> | ||
|
|
||
| <body> | ||
| <div class="theme-container"> | ||
| <div class="container"> | ||
| <header class="site-header"> | ||
| <nav class="navbar"> | ||
| <div class="navbar__first"> | ||
| <ul class="navbar__list borders"> | ||
| <li><a href="http://localhost:1313/">Home</a></li> | ||
| <li> | ||
| <button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg"> | ||
| <path | ||
| d="M22 41C32.4934 41 41 32.4934 41 22C41 11.5066 32.4934 3 22 | ||
| 3C11.5066 3 3 11.5066 3 22C3 32.4934 11.5066 41 22 41ZM7 22C7 | ||
| 13.7157 13.7157 7 22 7V37C13.7157 37 7 30.2843 7 22Z" | ||
| /> | ||
| </svg> | ||
| </button> | ||
| </li> | ||
| </ul> | ||
| </div> | ||
| <div class="navbar__separator"></div> | ||
| </nav> | ||
| </header> | ||
| <main class="site-main"><article class="post"> | ||
| <header class="post-header"> | ||
| <h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-31419/">CVEX-2023-31419</a></h1> | ||
| <div class="post-meta"> | ||
| <time pubdate datetime="2024-05-27 15:34:00 PDT"> | ||
| Published on | ||
| 2024-05-27 15:34:00 PDT | ||
| </time> | ||
| <time pubdate datetime="2024-05-27 15:34:00 PDT"> last modified 2024-05-27 15:34:00 PDT. </time> | ||
| </div> | ||
| <p class="post-description">A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.</p> | ||
| </header> | ||
| <div class="post-content"> | ||
| <p>Description goes here.</p> | ||
|
|
||
| </div> | ||
|
|
||
|
|
||
| <footer class="post-footer"> | ||
| </footer> | ||
| </article> | ||
| </main> | ||
| <footer class="site-footer"> | ||
| <p class="buildinfo"> | ||
| <time datetime="2024-05-27 18:13:23 PDT">Site built on: 2024-05-27 18:13:23 PDT</time> | ||
| </p> | ||
| <div class="copyright"> | ||
| <p></p> | ||
| <nav class="navbar"> | ||
| <ul class="navbar__list"> | ||
| <li><a href="http://localhost:1313/posts/index.xml">RSS</a></li> | ||
| <li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li> | ||
| </ul> | ||
| </nav> | ||
| </div> | ||
| <p class="themeinfo">Powered by <a href="https://gohugo.io">Hugo</a>, using theme <a href="https://manid2.github.io/hugo-xterm/">Hugo Xterm</a>.</p> | ||
| </footer> | ||
| </div> | ||
| </div><script type="text/javascript" src="/bundle.js"></script> | ||
| </body> | ||
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| <!DOCTYPE html> | ||
| <html lang="en"> | ||
| <head><script src="/livereload.js?mindelay=10&v=2&port=1313&path=livereload" data-no-instant defer></script> | ||
| <title>CVEXs :: CVEX</title> | ||
| <meta http-equiv="content-type" content="text/html; charset=utf-8" /> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1.0" /> | ||
| <meta name="description" content="" /> | ||
| <meta name="keywords" content="" /> | ||
| <meta name="robots" content="noodp" /> | ||
| <link rel="canonical" href="http://localhost:1313/cvex/" /> | ||
| <meta property="og:locale" content="en" /> | ||
| <meta property="og:title" content="CVEXs :: CVEX" /> | ||
| <meta property="og:description" content="" /> | ||
| <meta property="og:type" content="website" /> | ||
| <meta property="og:url" content="http://localhost:1313/cvex/" /> | ||
| <meta property="og:site_name" content="CVEX" /> | ||
| <meta property="og:image" content="" /> | ||
| <meta property="og:image:width" content="2048" /> | ||
| <meta property="og:image:height" content="1024" /> | ||
|
|
||
|
|
||
|
|
||
| <link rel="shortcut icon" href="" /> | ||
| <link rel="preconnect" href="https://fonts.googleapis.com" /> | ||
| <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin /> | ||
| <link | ||
| href="https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&family=Roboto+Slab:wght@300;400;500&family=Ubuntu+Mono:ital@0;1&display=swap" | ||
| rel="stylesheet" | ||
| /> | ||
| <link href="/cvex/" rel="alternate" type="application/rss+xml" title="CVEX" /> | ||
| <link rel="stylesheet" href="http://localhost:1313/styles.css" /> | ||
| </head> | ||
|
|
||
| <body> | ||
| <div class="theme-container"> | ||
| <div class="container"> | ||
| <header class="site-header"> | ||
| <nav class="navbar"> | ||
| <div class="navbar__first"> | ||
| <ul class="navbar__list borders"> | ||
| <li><a href="http://localhost:1313/">Home</a></li> | ||
| <li> | ||
| <button class="theme-toggle transparent"><svg class="theme-toggler" width="24" height="24" viewBox="0 0 48 48" fill="none" xmlns="http://www.w3.org/2000/svg"> | ||
| <path | ||
| d="M22 41C32.4934 41 41 32.4934 41 22C41 11.5066 32.4934 3 22 | ||
| 3C11.5066 3 3 11.5066 3 22C3 32.4934 11.5066 41 22 41ZM7 22C7 | ||
| 13.7157 13.7157 7 22 7V37C13.7157 37 7 30.2843 7 22Z" | ||
| /> | ||
| </svg> | ||
| </button> | ||
| </li> | ||
| </ul> | ||
| </div> | ||
| <div class="navbar__separator"></div> | ||
| </nav> | ||
| </header> | ||
| <main class="site-main"> | ||
| <article class="post"> | ||
| <header class="post-header"> | ||
| <h1>CVEXs</h1></header> | ||
|
|
||
| <div class="post-content"> | ||
| <h2>See</h2><div class="post-entries"> | ||
| <div class="item"><a href="http://localhost:1313/CVEX-2017-1000499/"><h2>CVEX-2017-1000499</h2></a><p class="post-meta"><span>2021-12-19</span></p><p class="post-description">phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.</p></div> | ||
| <div class="item"><a href="http://localhost:1313/CVEX-2023-28155/"><h2>CVEX-2023-28155</h2></a><p class="post-meta"><span>2021-12-19</span></p><p class="post-description">The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.</p></div> | ||
| <div class="item"><a href="http://localhost:1313/CVEX-2023-31419/"><h2>CVEX-2023-31419</h2></a><p class="post-meta"><span>2021-12-19</span></p><p class="post-description">A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.</p></div> | ||
| </div> | ||
|
|
||
| </div> | ||
|
|
||
| <footer class="post-footer"></footer> | ||
| </article> | ||
| </main> | ||
| <footer class="site-footer"> | ||
| <p class="buildinfo"> | ||
| <time datetime="2024-05-27 18:12:07 PDT">Site built on: 2024-05-27 18:12:07 PDT</time> | ||
| </p> | ||
| <div class="copyright"> | ||
| <p></p> | ||
| <nav class="navbar"> | ||
| <ul class="navbar__list"> | ||
| <li><a href="http://localhost:1313/posts/index.xml">RSS</a></li> | ||
| <li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li> | ||
| </ul> | ||
| </nav> | ||
| </div> | ||
| <p class="themeinfo">Powered by <a href="https://gohugo.io">Hugo</a>, using theme <a href="https://manid2.github.io/hugo-xterm/">Hugo Xterm</a>.</p> | ||
| </footer> | ||
| </div> | ||
| </div><script type="text/javascript" src="/bundle.js"></script> | ||
| </body> | ||
| </html> |
Oops, something went wrong.