Security Bulletin: TSSC/IMC is vulnerable to a bypass security restrictions attack on curl

Summary TSSC/IMC is vulnerable to a bypass security restrictions attack on curl. A patch has been provided that updates the libssh library. CVE-2023-28322, CVE-2023-38546, CVE-2023-46218 Vulnerability Details CVEID:CVE-2023-28322 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass...

Glastonbury ticket hijack vulnerability fixed

The Glastonbury ticket website was vulnerable to a relatively simple attack that that allowed ticket theft and data leakage. What’s the issue? An attacker could scrape collaborative ticket buying information e.g. on Reddit to gather people’s details, use a flaw in the registration process and...