CVE-2024-1259
published 2024-02-06CVE-2024-1259: A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been rated as critical. Affected by this issue is some unknown functionality of the file…
PriorityP357critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.68%
47.8th percentile
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the argument app_pic_url leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252998 is the identifier assigned to this vulnerability.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | volcano-sh_volcano | >= 0 < 1.10.0-alpha.0 | 1.10.0-alpha.0 |
| juanpao | jpshop | <= 1.5.02 | — |
| juanpao | jpshop | — | — |
| volcano.sh | volcano | >= 0 < 1.10.0-alpha.0 | 1.10.0-alpha.0 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
jose4j is vulnerable to DoS via compressed JWE content
ghsa·2025-12-17
CVE-2024-29371 [HIGH] CWE-1259 jose4j is vulnerable to DoS via compressed JWE content
jose4j is vulnerable to DoS via compressed JWE content
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression.
GHSA
biscuit-java vulnerable to public key confusion in third party block
ghsa·2024-07-31
CVE-2024-41948 [MEDIUM] CWE-1259 biscuit-java vulnerable to public key confusion in third party block
biscuit-java vulnerable to public key confusion in third party block
### Impact
Tokens with third-party blocks containing trusted annotations generated through a third party block request. Due to implementation issues in biscuit-java, third party block support in published versions is inoperating. Nevertheless, to synchronize with other implementations, we publish this advisory and the related fix.
### Description
Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a `ThirdPartyBlock` request can be sent, providing only the necessary info to generate a third-party block and to sign it:
the public key of the previous block (used in the signature)
the public keys part of the token symbol table (for public key interning in datalog
GHSA
Volcano has insecure permissions
ghsa·2024-07-24
CVE-2024-36533 [CRITICAL] CWE-1259 Volcano has insecure permissions
Volcano has insecure permissions
Insecure permissions in volcano v1.8.2 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
GHSA
GHSA-wc7r-64xv-6vgw: A vulnerability was found in Juanpao JPShop up to 1
ghsa_unreviewed·2024-02-06
CVE-2024-1259 [MEDIUM] CWE-434 GHSA-wc7r-64xv-6vgw: A vulnerability was found in Juanpao JPShop up to 1
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/controllers/admin/app/AppController.php of the component API. The manipulation of the argument app_pic_url leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252998 is the identifier assigned to this vulnerability.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-02-06
Published