Anaheim Library 2go! Security Vulnerabilities

CVE-2024-34363 Envoy can crash due to uncaught nlohmann JSON exception

Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to...

CVE-2024-20697

A flaw was found in the libarchive library. A heap-based buffer overflow in the execute_filter_e8 function in the libarchive/archive_read_support_format_rar.c file can be triggered when a specially crafted RAR archive is processed, causing a crash to the application linked to the library and...

CVE-2024-20696

A flaw was found in the libarchive library. An out-of-bounds access in the copy_from_lzss_window_to_unp function in the libarchive/archive_read_support_format_rar.c file can be triggered due to an integer overflow when a specially crafted RAR archive is processed, causing a crash to the...

malicious container creates symlink "mtab" on the host External

Impact A malicious container can affect the host by taking advantage of code cri-o added to show the container mounts on the host. A workload built from this Dockerfile: ``` FROM docker.io/library/busybox as source RUN mkdir /extra && cd /extra && ln -s ../../../../../../../../root etc FROM...

malicious container creates symlink "mtab" on the host External

Impact A malicious container can affect the host by taking advantage of code cri-o added to show the container mounts on the host. A workload built from this Dockerfile: ``` FROM docker.io/library/busybox as source RUN mkdir /extra && cd /extra && ln -s ../../../../../../../../root etc FROM...

apko Exposure of HTTP basic auth credentials in log output

Summary Exposure of HTTP basic auth credentials from repository and keyring URLs in log output Details There was a handful of instances where the apko tool was outputting error messages and log entries where HTTP basic authentication credentials were exposed for one of two reasons: The%s verb was.....

apko Exposure of HTTP basic auth credentials in log output

Summary Exposure of HTTP basic auth credentials from repository and keyring URLs in log output Details There was a handful of instances where the apko tool was outputting error messages and log entries where HTTP basic authentication credentials were exposed for one of two reasons: The%s verb was.....

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation Fixes for May 2024.

Summary In addition to OS level package updates, multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF033 and 23.0.2-IF005. Vulnerability Details ** CVEID: CVE-2024-21501 DESCRIPTION: **Node.js sanitize-html module could allow a remote attacker to...

Skops unsafe deserialization

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when...

Skops unsafe deserialization

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when...

ydata unsafe deserialization

Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when...

ydata unsafe deserialization

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when...

ydata unsafe deserialization

Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when...

ydata cross-site scripting

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the...

ydata unsafe deserialization

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when...

ydata cross-site scripting

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the...

CVE-2024-37063

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the...

CVE-2024-37064

Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when...

CVE-2024-37065

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when...

CVE-2024-37064

Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when...

CVE-2024-37063

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the...

CVE-2024-37065

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when...

CVE-2024-37062

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when...

CVE-2024-37062

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when...

CVE-2024-37065

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when...

CVE-2024-37065

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when...

CVE-2024-37064

Deseriliazation of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a maliciously crafted dataset to run arbitrary code on an end user's system when...

CVE-2024-37063

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the...

CVE-2024-37063

A cross-site scripting (XSS) vulnerability in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliocusly crafted report is viewed in the...

CVE-2024-37062

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when...

CVE-2024-37062

Deserialization of untrusted data can occur in versions 3.7.0 or newer of Ydata's ydata-profiling open-source library, enabling a malicously crafted report to run arbitrary code on an end user's system when...

libarchive vulnerability

Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Packages libarchive - Library to read/write archive files Details It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could possibly use this issue to execute arbitrary code or cause a...

Mime Types Extended <= 0.11 - Author+ Stored XSS via SVG Upload

Description The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. PoC 1. As an admin, enable SVG uploads at https://example.com/wp-admin/options-general.php?page=mime-types-extended 2. As an author,.....

Mime Types Extended <= 0.11 - Author+ Stored XSS via SVG Upload

Description The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS...

Exploit for CVE-2024-2961

Testing CVE-2024-2961 (V1 - Under Analysis) This repository...

CVE-2024-36124

iq80 Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed and this has similar...

CVE-2024-36124

iq80 Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed and this has similar...

CVE-2024-36124 iq80 Snappy has an out-of-bounds read when uncompressing data, leading to JVM crash

iq80 Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed and this has similar...

Security Bulletin: Multiple vulnerabilities in eclipse jetty affect IBM Business Automation Workflow

Summary IBM Business Automation Workflow packages a vulnerable version of the eclipse jetty library. Vulnerability Details ** CVEID: CVE-2020-27216 DESCRIPTION: **Eclipse Jetty could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the...

Malicious code in stw-tenant-library (npm)

This package is considered malicious because it communicates with a domain associated with malicious activity and the package executes one or more commands associated with malicious behavior. -= Per source details. Do not edit below this line.=- Source: ghsa-malware...

IT threat evolution in Q1 2024. Mobile statistics

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Quarterly figures According to Kaspersky Security Network, in Q1 2024: 10.1 million attacks using malware, adware, or unwanted mobile software were blocked. The most...

Advisory ROSA-SA-2024-2430

Software: libvirt 6.0.0 OS: ROSA Virtualization 2.1 package_evr_string: libvirt-6.0.0-28.module+el8.3.0+7827+5e65edd7.src.rpm CVE-ID: CVE-2021-3631 BDU-ID: 2024-02428 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libvirt virtualization management library is related to the creation of SELinux.....

Advisory ROSA-SA-2024-2429

Software: libtiff 4.0.9 OS: ROSA Virtualization 2.1 package_evr_string: libtiff-4.0.9-28.rv3 CVE-ID: CVE-2023-2731 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A null pointer dereferencing bug was found in the LZWDecode() function of the Libtiff library in the libtiff/tif_lzw.c file. This flaw allows.....

Advisory ROSA-SA-2024-2428

software: djvulibre 3.5.28 WASP: ROSA-CHROME package_evr_string: djvulibre-3.5.28-4 CVE-ID: CVE-2021-3500 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A flaw was discovered in djvulibre. A stack overflow in DJVU::DjVuDocument::get_djvu_file() via a created djvu file may cause the application to crash.....

RHEL 8 : hdf5 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. hdf5: stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c (CVE-2018-13876) A NULL...

RHEL 7 : mesa (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. mesa: security bypass in 3D library graphics (CVE-2019-5068) Note that Nessus has not tested for this issue but has...

RHEL 8 : dotnet5.0 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. urijs: Authorization Bypass Through User-Controlled Key (CVE-2022-0613) URI.js is a Javascript URL...

CVE-2024-36124

iq80 Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed and this has similar...

RHEL 7 : p11-kit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c (CVE-2020-29362) ...

RHEL 5 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. ncurses: Stack-based buffer overflow caused by format string vulnerability in fmt_entry function ...