27 matches found
Yarbo responds to robot flaws that could mow down their owners
A researcher found that Yarbo yard robots came with a host of vulnerabilities which, among other things, allowed an attacker to harvest WiFi passwords. Security researcher Andreas Makris found he could remotely hijack thousands of Yarbo yard robots worldwide, and proved it by having his mower run him...
EUVD-2021-16437
Malware in sbrugna...
EUVD-2023-1560
Malicious code in bioql PyPI...
Doppler Launches ‘Change Requests’ to Strengthen Secrets Management Security with Audited Approvals
San Francisco, United States / California, 3rd October 2024, CyberNewsWire...
audited: race condition can lead to audit logs being incorrectly attributed to the wrong user
A race condition flaw was found in Audited. This issue may allow an authenticated user to attribute audit log entries to another user...
Race Condition
Audited is vulnerable to Race Condition. The vulnerability is caused by a lack of proper synchronization mechanisms during the use of Thread.current. This potentially leads to the wrong username being logged in an audit log...
CVE-2024-22047
A race condition flaw was found in Audited. This issue may allow an authenticated user to attribute audit log entries to another user...
Duplicate Advisory: Race Condition leading to logging errors
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-hjp3-5g2q-7jww. This link is maintained to preserve external references. Original Description: A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user causing audit log entries...
CVE-2024-22047
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user causing audit log entries to be attributed to another user...
Race condition
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user causing audit log entries to be attributed to another user...
CVE-2024-22047 Audited Log Integrity Errors Due to Race Condition
A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user causing audit log entries to be attributed to another user...
CVE-2024-22047
The CVE-2024-22047 issue concerns the Ruby gem Audited (versions 4.0.0 through 5.3.3) where a race condition can cause audit log entries to be attributed to the wrong user. Connected Red Hat advisory RHSA-2024:2010 notes the same race condition affecting rubygem-audited and highlights risk of mis...
Audited race condition vulnerability
Audited is an open-source ORM extension from Collective Idea, used to record all changes to a model. Audited 4.0.0 to 5.3.3 contains a security vulnerability that stems from a race condition...
Race Condition
Overview: audited is a logging module for ORM models. Affected versions of this package are vulnerable to Race Condition involving Thread.current which, in certain setups with threaded web servers, can log the wrong username in an audit log. Remediation: Upgrade audited to version 5.3.3 or higher...
Race Condition leading to logging errors
In certain setups with threaded web servers, Audited's use of Thread.current can incorrectly attribute audits to the wrong user. Fixed in 5.3.3. In March, @convisoappsec noticed that the library in question had a Race Condition problem, which caused logs to be registered at times with different...
GHSA-HJP3-5G2Q-7JWW Race Condition leading to logging errors
In certain setups with threaded web servers, Audited's use of Thread.current can incorrectly attribute audits to the wrong user. Fixed in 5.3.3. In March, @convisoappsec noticed that the library in question had a Race Condition problem, which caused logs to be registered at times with different...
PT-2023-32943 · Audited · Audited
Name of the Vulnerable Software and Affected Versions: Audited versions 4.0.0 through 5.3.3. Description: A race condition exists in Audited that can result in an authenticated user causing audit log entries to be attributed to another user. This issue is related to Audited's use of Thread.current...