moby/buildkit: Possible race condition with accessing subpaths from cache mounts

A vulnerability was found in the Moby Builder Toolkit. A malicious BuildKit client or any frontend that can craft a request could lead to the BuildKit daemon crashing with a panic due to the lack of input validation. A frontend is usually specified as the syntax line on a Dockerfile or with the...

OPENSUSE-SU-2024:0135-1 Security update for gitui

This update for gitui fixes the following issues: - update to version 0.26.2: respect configuration for remote when fetching also applies to pulling add : character to sign-off trailer to comply with Conventional Commits standard support overriding builddate for reproducible builds - update...

CentOS 8 : libssh (CESA-2024:3233)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3233 advisory. - A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue...

Arbitrary File Read / Account Takeover

getgrav/grav is vulnerable to to Account Takeover. The vulnerability is due to a lack of proper access controls and input validation mechanisms, allowing low privilege users with page edit privilege to exploit Twig Syntax to read sensitive server files, compromising user accounts and potentially...

Grav Vulnerable to Arbitrary File Read to Account Takeover

Summary A low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/.yaml. This file stores hashed user password, 2FA secret, and the password reset token. This can allow an adversary to compromise...

GHSA-F8V5-JMFH-PR69 Grav Vulnerable to Arbitrary File Read to Account Takeover

Summary A low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/.yaml. This file stores hashed user password, 2FA secret, and the password reset token. This can allow an adversary to compromise...

CVE-2024-34082 Grav Arbitrary File Read to Account Takeover

Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/.yaml. This file stores hashed user password, 2FA secret, and the password res...

CVE-2024-34082 Grav Arbitrary File Read to Account Takeover

Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/.yaml. This file stores hashed user password, 2FA secret, and the password res...

CVE-2024-34082 Grav Arbitrary File Read to Account Takeover

Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - /grav/user/accounts/.yaml. This file stores hashed user password, 2FA secret, and the password res...

EulerOS Virtualization 2.11.0 : libssh (EulerOS-SA-2024-1628)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

EulerOS Virtualization 2.11.1 : libssh (EulerOS-SA-2024-1609)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

RHEL 7 : libssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libssh: NULL pointer dereference in sftpserver.c if sshbuffernew returns NULL CVE-2020-16135 - libssh:...

Oracle Linux 9 : libssh (ELSA-2024-2504)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2504 advisory. 0.10.4-13 - Bump up the version so that the version in 9.3 is lower. - Resolves: RHEL-19310, RHEL-19691, RHEL-17245 Tenable has extracted the preceding...

[SECURITY] Fedora 40 Update: gdcm-3.0.23-5.fc40

Grassroots DiCoM GDCM is a C++ library for DICOM medical files. It supports ACR-NEMA version 1 and 2 huffman compression is not supported, RAW, JPEG, JPEG 2000, JPEG-LS, RLE and deflated transfer syntax. It comes with a super fast scanner implementation to quickly scan hundreds of DICOM files. It...

libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

RHEL 9 : libssh (RHSA-2024:2504)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2504 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...

CVE-2024-1874

In PHP versions 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command are controlled by a malicious user, the user can supply arguments that would execute arbitrary commands ...

PHP 安全漏洞

PHP is a scripting language in which PHP is executed server-side. A security vulnerability exists in PHP that originates when using the procopen command with array syntax, due to insufficient escaping, which allows a user to supply parameters to execute arbitrary commands in the Windows shell if...

RHEL 8 / 9 : Red Hat Service Interconnect 1.4 Release (RHSA-2023:4003)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4003 advisory. As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application...

RHEL 8 : Release of OpenShift Serverless Client kn 1.27.0 (Moderate) (RHSA-2023:0708)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:0708 advisory. Red Hat OpenShift Serverless Client kn 1.27.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.27.0. The kn CLI is delivered a...