"summary": "Wasmtime can panic when adding excessive fields to a `wasi:http/types.fields` instance",
"details": "### Impact\n\nWasmtime's implementation of the `wasi:http/types.fields` resource is susceptible to panics when too many fields are added to the set of headers. Wasmtime's implementation in the `wasmtime-wasi-http` crate is backed by a data structure which panics when it reaches excessive capacity and this condition was not handled gracefully in Wasmtime. Panicking in a WASI implementation is a Denial of Service vector for embedders and is treated as a security vulnerability in Wasmtime.\n\n### Patches\n\nWasmtime 24.0.6, 36.0.6, 40.0.4, 41.0.4, and 42.0.0 patch this vulnerability and return a trap to the guest instead of panicking.\n\n### Workarounds\n\nThere are no known workarounds at this time, embedders are encouraged to update to a patched version of Wasmtime.\n\n### Resources\n\n* [Limitations of `http::HeaderMap`](https://docs.rs/http/1.4.0/http/header/#limitations)",
"summary": "Statamic is vulnerable to account takeover via password reset link injection",
"details": "## Impact\n\nAn attacker may leverage a vulnerability in the password reset feature to capture a user's token and reset the password on their behalf.\n\nThe attacker must know the email address of a valid account on the site, and the actual user must blindly click the link in their email even though they didn't request the reset.\n\n## Patches\n\nThis has been fixed in 6.3.3 and 5.73.10.",