Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Go vulnerabilities (USN-7109-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7109-1 advisory. Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this...

PT-2024-8138

Name of the Vulnerable Software and Affected Versions: PostgreSQL versions prior to 17.1 PostgreSQL versions prior to 16.5 PostgreSQL versions prior to 15.9 PostgreSQL versions prior to 14.14 PostgreSQL versions prior to 13.17 PostgreSQL versions prior to 12.21 Description: The issue is related t...

CVE-2024-45289 Unbounded allocation in ctl(4) CAM Target Layer

The fetch3 library uses environment variables for passing certain information, including the revocation file pathname. The environment variable name used by fetch1 to pass the filename to the library was incorrect, in effect ignoring the option. Fetch would still connect to a host presenting a...

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE

GNU is vulnerable to command injection due to missing sanitization of filenames when the LESSCLOSE environment variable is set and invoked. This could allow an attacker to execute malicious commands within the privileges of the utility...

cgi.force_redirect configuration is bypassable due to the environment variable collision

...

PT-2024-31541 · Fetch +1 · Fetch +1

Name of the Vulnerable Software and Affected Versions: fetch versions affected versions not specified Description: The issue arises from the fetch3 library's use of environment variables to pass information, including the revocation file pathname. However, the environment variable name used by...

GHSA-H99M-6755-RGWC Rancher Remote Code Execution via Cluster/Node Drivers

Impact A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

[slackware-security] php81

New php81 packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.30-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: Bypass of CVE-2024-4577, Parameter Injection Vulnerability...

SUSE-SU-2024:3733-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 - CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environment variable...

SUSE-SU-2024:3664-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2024-8925: Fixed erroneous parsing of multipart form data in HTTP POST requests leads to legitimate data not being processed bsc1231360 - CVE-2024-8927: Fixed cgi.forceredirect configuration is bypassable due to an environment variable...

BIT-DISCOURSE-2024-47773 Anonymous cache poisoning via XHR requests in Discourse

Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse...

USN-7061-1: Go vulnerabilities

Hunter Wittenborn discovered that Go incorrectly handled the sanitization of environment variables. An attacker could possibly use this issue to run arbitrary commands. CVE-2023-24531 Sohom Datta discovered that Go did not properly validate backticks as Javascript string delimiters, and did not...

CVE-2024-47773

Discourse CVE-2024-47773 describes an anonymous cache-poisoning vulnerability triggered by multiple XHR requests that can contaminate the cache for anonymous visitors. Affected software is Discourse (noted in multiple sources) with patches in the latest released version; remediation guidance also...

CVE-2024-47773 Anonymous cache poisoning via XHR requests in Discourse

Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse...

CVE-2024-8927 cgi.force_redirect configuration is bypassable due to the environment variable collision

In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12, HTTPREDIRECTSTATUS variable is used to check whether or not CGI binary is being run by the HTTP server. However, in certain scenarios, the content of this variable can be controlled by the request submitter via HTTP...

CVE-2024-44674

D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub24E28, the HTTPREFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src...

CVE-2024-44674

CVE-2024-44674 affects the D-Link COVR-2600R with firmware FW101b05. The vulnerability arises in a function (sub_24E28) where HTTP_REFERER is obtained via an environment variable, which is controllable, and can be used as the value for src. This leads to a buffer overflow condition as described i...

CVE-2024-44674

D-Link COVR-2600R FW101b05 is vulnerable to Buffer Overflow. In the function sub24E28, the HTTPREFERER is obtained through an environment variable, and this field is controllable, allowing it to be used as the value for src...

Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Impact Configuration supplied through APPCONFIG environment variables, for example APPCONFIGbackendlistenport=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema specified that they should have backend or secret...

GHSA-QC4V-XQ2M-65WC Unexpected visibility of environment variable configurations in @backstage/plugin-app-backend

Impact Configuration supplied through APPCONFIG environment variables, for example APPCONFIGbackendlistenport=7007, where unexpectedly ignoring the visibility defined in configuration schema. This occurred even if the configuration schema specified that they should have backend or secret...