GHSA SYNC: 3 brand new advisories

jasnow · postmodern · commit 0fa2cbc0acc1 · 2024-10-04T13:30:15.000-07:00
diff --git a/gems/openc3/CVE-2024-43795.yml b/gems/openc3/CVE-2024-43795.yml
@@ -0,0 +1,30 @@
+---
+gem: openc3
+cve: 2024-43795
+ghsa: vfj8-5pj7-2f9g
+url: https://github.com/OpenC3/cosmos/security/advisories/GHSA-vfj8-5pj7-2f9g
+title: OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)
+date: 2024-10-02
+description: |
+  ### Summary
+
+  The login functionality contains a reflected cross-site scripting
+  (XSS) vulnerability.
+
+  Note: This CVE only affects Open Source Edition, and not
+  OpenC3 COSMOS Enterprise Edition
+
+  ### Impact
+  This issue may lead up to Remote Code Execution (RCE).
+
+  **NOTE:** The complete advisory with much more information is added as
+  [comment](https://github.com/OpenC3/cosmos/security/advisories/GHSA-vfj8-5pj7-2f9g#advisory-comment-104904).
+cvss_v4: 5.1
+patched_versions:
+  - ">= 5.19.0"
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-43795
+    - https://github.com/OpenC3/cosmos/security/advisories/GHSA-vfj8-5pj7-2f9g
+    - https://github.com/OpenC3/cosmos/commit/762d7e0e93bdc2f340b1e42acccedc78994a576e
+    - https://github.com/advisories/GHSA-vfj8-5pj7-2f9g
diff --git a/gems/openc3/CVE-2024-46977.yml b/gems/openc3/CVE-2024-46977.yml
@@ -0,0 +1,33 @@
+---
+gem: openc3
+cve: 2024-46977
+ghsa: 8jxr-mccc-mwg8
+url: https://github.com/OpenC3/cosmos/security/advisories/GHSA-8jxr-mccc-mwg8
+title: OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)
+date: 2024-10-02
+description: |
+  ### Summary
+
+  A path traversal vulnerability inside of `LocalMode`'s
+  `open_local_file` method allows an authenticated user with
+  adequate permissions to download any `.txt` via the
+  `ScreensController#show` on the web server COSMOS is running
+  on (depending on the file permissions).
+
+  Note: This CVE affects all OpenC3 COSMOS Editions
+
+  ### Impact
+
+  This issue may lead to Information Disclosure.
+
+  **NOTE:** The complete advisory with much more information is added as
+  [comment](https://github.com/OpenC3/cosmos/security/advisories/GHSA-8jxr-mccc-mwg8#advisory-comment-104903).
+cvss_v4: 5.3
+patched_versions:
+  - ">= 5.19.0"
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-46977
+    - https://github.com/OpenC3/cosmos/security/advisories/GHSA-8jxr-mccc-mwg8
+    - https://github.com/OpenC3/cosmos/commit/a34e61aea5a465f0ab3e57d833ae7ff4cafd710b
+    - https://github.com/advisories/GHSA-8jxr-mccc-mwg8
diff --git a/gems/openc3/CVE-2024-47529.yml b/gems/openc3/CVE-2024-47529.yml
@@ -0,0 +1,33 @@
+---
+gem: openc3
+cve: 2024-47529
+ghsa: 4xqv-47rm-37mm
+url: https://github.com/OpenC3/cosmos/security/advisories/GHSA-4xqv-47rm-37mm
+title: OpenC3 stores passwords in clear text (`GHSL-2024-129`)
+date: 2024-10-02
+description: |
+  ### Summary
+
+  OpenC3 COSMOS stores the password of a user unencrypted in the
+  LocalStorage of a web browser. This makes the user password
+  susceptible to exfiltration via Cross-site scripting (see GHSL-2024-128).
+
+  Note: This CVE only affects Open Source edition, and not
+  OpenC3 COSMOS Enterprise Edition
+
+  ### Impact
+
+  This issue may lead to Information Disclosure.
+
+  **NOTE:** The complete advisory with much more information is added as
+  [comment](https://github.com/OpenC3/cosmos/security/advisories/GHSA-4xqv-47rm-37mm#advisory-comment-104905).
+cvss_v3: 5.9
+cvss_v4: 4.8
+patched_versions:
+  - ">= 5.19.0"
+related:
+  url:
+    - https://nvd.nist.gov/vuln/detail/CVE-2024-47529
+    - https://github.com/OpenC3/cosmos/security/advisories/GHSA-4xqv-47rm-37mm
+    - https://github.com/OpenC3/cosmos/commit/b5ab34fe7fa54c0c8171c4aa3caf4e03d6f63bd7
+    - https://github.com/advisories/GHSA-4xqv-47rm-37mm
