FreeBSD: VID-F07C8F87-8E65-11EF-81B8-659BF0027D16: forgejo -- multiple vulnerabilities
Description
Problem Description:
Forgejo generates a token which is used to authenticate web
endpoints that are only meant to be used internally, for instance
when the SSH daemon is used to push a commit with Git. The
verification of this token was not done in constant time and was
susceptible to timing attacks. A pre-condition for such an attack is
the precise measurements of the time for each operation. Since it
requires observing the timing of network operations, the issue is
mitigated when a Forgejo instance is accessed over the internet
because the ISP introduce unpredictable random delays.
Because of a missing permission check, the branch used to propose
a pull request to a repository can always be deleted by the user
performing the merge. It was fixed so that such a deletion is only
allowed if the user performing the merge has write permission to the
repository from which the pull request was made.
Solution(s)
- freebsd-upgrade-package-forgejo
- freebsd-upgrade-package-forgejo7
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center