Latest News

## Summary `Rack::QueryParser` in version `< 2.2.18` enforces its `params_limit` only for parameters separated by `&`, while still splitting on both `&` and `;`. As a result, attackers could use `;` separators to bypass the parameter count limit and submit more parameters than intended. ## Details The issue arises because `Rack::QueryParser#check_query_string` counts only `&` characters when determining the number of parameters, but the default separator regex `DEFAULT_SEP = /[&;] */n` splits on both `&` and `;`. This mismatch means that queries using `;` separators were not included in the parameter count, allowing `params_limit` to be bypassed. Other safeguards (`bytesize_limit` and `key_space_limit`) still applied, but did not prevent this particular bypass. ## Impact Applications or middleware that directly invoke `Rack::QueryParser` with its default configuration (no explicit delimiter) could be exposed to increased CPU and memory consumption. This can be abused as a limited...

### Impact A security vulnerability was discovered in Gardener when [Terraformer](https://github.com/gardener/terraformer) is used for infrastructure provisioning. This vulnerability could allow a user with administrative privileges for a Gardener project to obtain control over the seed cluster where the shoot cluster is managed. This CVE affects all Gardener installations where [Terraformer](https://github.com/gardener/terraformer) is used/can be enabled for infrastructure provisioning with any of the affected components mentioned below. ### Affected Components • gardener-extension-provider-gcp • gardener-extension-provider-azure • gardener-extension-provider-openstack • gardener-extension-provider-aws ### Affected Versions • gardener-extension-provider-gcp < v1.46.0 • gardener-extension-provider-azure < v1.55.0 • gardener-extension-provider-openstack < v1.49.0 • gardener-extension-provider-aws < v1.64.0 ### Fixed versions • gardener-extension-provider-gcp >= v1.46.0 • gardener-e...

Another phishing campaign using SVG files to trick targets. This delicious-looking recipe turns out to hide malicious code.

A vulnerability was determined in geyang ml-logger 0.10.36 and prior. Affected is the function log_handler of the file ml_logger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

A vulnerability was identified in geyang ml-logger 0.10.36 and prior. Affected by this vulnerability is the function log_handler of the file ml_logger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit is publicly available and might be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Rob -- W / cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary targets (SSRF). Because the proxy forwards requests and headers, an attacker can reach internal-only endpoints and link-local metadata services, retrieve instance role credentials or other sensitive metadata, and interact with internal APIs and services that are not intended to be internet-facing. The vulnerability is exploitable by sending crafted requests to the proxy with the target resource encoded in the URL; many cors-anywhere deployments forward arbitrary methods and headers (including PUT), which can permit exploitation of IMDSv2 workflows as well as access to internal management APIs. Successful exploitation can result in theft of cloud credentials, unauthorized access to internal services, remote code execution or privilege escalation (depending on reachable backends), data exfiltration, and full compromise of cloud resour...

apidoc-core is the core parser library to generate apidoc result following the apidoc-spec. A Prototype Pollution vulnerability in the preProcess function of apidoc-core versions thru 0.15.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

A prototype pollution in the lib.set function of dref v0.1.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

Cybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence (AI) agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management (CRM) tool by means of an indirect prompt injection. The vulnerability has been codenamed ForcedLeak (CVSS score: 9.4) by Noma Security,

Cybersecurity firm Noma Security reveals ForcedLeak, a critical flaw in Salesforce Agentforce that allowed data theft. Learn what companies need to do now to secure AI agents.