This Week in Spring - June 11th, 2024

This Week in Spring - June 10th, 2024 Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm in Paris, France, to talk to organizations using and working with Spring. Then, next week, it's off to Krakow, Poland, for the amazing Devoxx PL event! I can't wait. If you're around,...

PT-2024-7228

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 126.0.6478.126 Description The issue is related to type confusion in the WebAssembly module of Google Chrome, which can be exploited by a remote attacker to execute arbitrary code via a crafted HTML page. The...

RHEL 8 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs: Unitialized buffer due to incorrect encoding CVE-2017-15897 Note that Nessus has not tested for this issue...

SUSE CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0128-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0128-1 advisory. - Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafte...

Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It wa...

FreeBSD : qt6-webengine -- Multiple vulnerabilities (c6f03ea6-12de-11ef-83d8-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c6f03ea6-12de-11ef-83d8-4ccc6adda413 advisory. - Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attack...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It wa...

RHEL 9 : nodejs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nodejs: integrity checks according to policies can be circumvented CVE-2023-38552 - Maliciously crafted...

CVE-2024-32980

Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...

CVE-2024-32980 Spin contains a potential network sandbox escape for specifically configured Spin applications

Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...

CVE-2024-32980 Spin contains a potential network sandbox escape for specifically configured Spin applications

Spin is the developer tool for building and running serverless applications powered by WebAssembly. Prior to 2.4.3, some specifically configured Spin applications that use self requests without a specified URL authority can be induced to make requests to arbitrary hosts via the Host HTTP header...

CVE-2024-34346

CVE-2024-34346 affects Deno and describes a permission-escalation via opening privileged files (e.g., reading /proc/self/environ, writing /proc/self/mem) when sandbox permissions are opened with --allow-read/--allow-write. The issue arises because the sandbox can be weakened if deny flags are not...

CVE-2024-34346 Deno contains a permission escalation via open of privileged files with missing `--deny` flag

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the wasmloadercheckbr function. An attacker can trigger a crash on the affected application. Remediation Upgrade wasm-micro-runtime to version 1.3.3 or higher. References - GitHub Commit - GitHub Issue...

pywasm3 contains a global buffer overflow which leads to segmentation fault

wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3compile.c...

wasm3 安全漏洞

wasm3 is the fastest WebAssembly interpreter, and the most versatile runtime. A security vulnerability exists in version v0.5.0 of wasm3, which originates from a segmentation error via the function main in wasm3/platforms/app/main.c. The vulnerability is caused by the use of the function main in...

WebAssembly Micro Runtime 安全漏洞

WebAssembly Micro Runtime WAMR is a lightweight, standalone WebAssembly runtime open-sourced by the Bytecode Alliance. With a small footprint, high performance, and highly configurable features for applications ranging from embedded, IoT, and edge to Trusted Execution Environments TEEs, smart...

wasm3 安全漏洞

wasm3 is the fastest WebAssembly interpreter, as well as the most versatile runtime. A security vulnerability exists in version v0.5.0 of wasm3, which originates from a segmentation error via the function DeallocateSlot in wasm3/source/m3compile.c. The vulnerability is caused by the function...