Prink: $K_s$-Anonymization for Streaming Data in Apache Flink

In this paper, we present Prink, a novel and practically applicable concept and fully implemented prototype for ks-anonymizing data streams in real-world application architectures. Building upon the pre-existing, yet rudimentary CASTLE scheme, Prink for the first time introduces semantics-aware...

Information Disclosure

opensearch-anomaly-detection is vulnerable to Information Disclosure. The vulnerability exists because of the lack of access restrictions in field-level rules in numerical feature aggregations of the library, allowing a user with the Anomaly Detector role to read aggregated numerical data...

CVE-2023-23933

CVE-2023-23933 concerns OpenSearch Anomaly Detection: the plugin improperly applies document- and field-level restrictions, allowing users with the Anomaly Detector role to read aggregated numerical data from restricted fields. This affects authenticated users who already had read access to the r...

Vulnerability Spotlight: Three vulnerabilities in HDF5 file format could lead to remote code execution

Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered three vulnerabilities in a library that works with the HDF5 file format that could allow an attacker to execute remote code on a targeted device. These issues arise in the libhdf5...