Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

GHSA-g8qw-mgjx-rwjr: New authd users logging in via SSH are members of the root group

### Impact When a user who hasn't logged in to the system before (i.e. doesn't exist in the authd user database) logs in via SSH, the user is considered a member of the root group in the context of the SSH session. That leads to a local privilege escalation if the user should not have root privileges. ### Patches Fixed by https://github.com/ubuntu/authd/commit/619ce8e55953b970f1765ddaad565081538151ab ### Workarounds Configure the SSH server to not allow authenticating via authd, for example by setting `UsePAM no` or `KbdInteractiveAuthentication no` in the `sshd_config` (see https://documentation.ubuntu.com/authd/stable/howto/login-ssh/#ssh-configuration).

ghsa
Open in Source
#vulnerability#ubuntu#git#auth#ssh
GHSA-wc4r-xq3c-5cf3: Apache Tomcat - Security constraint bypass for pre/post-resources

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat.  When using PreResources or PostResources mounted other than at the root of the web application, it was possible to access those resources via an unexpected path. That path was likely not to be protected by the same security constraints as the expected path, allowing those security constraints to be bypassed. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.

GHSA-h3gc-qfqq-6h8f: Apache Tomcat - DoS in multipart upload

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.

GHSA-mf3r-6m25-3867: Liferay Portal SessionClicks does not restrict the saving of request parameters in the HTTP session

SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DXP 7.4 GA through update 9, 7.3 GA through update 25, and older unsupported versions does not restrict the saving of request parameters in the HTTP session, which allows remote attackers to consume system memory leading to denial-of-service (DoS) conditions via crafted HTTP requests.

GHSA-vv7r-c36w-3prj: Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers

Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.

GHSA-8c26-xm99-53w7: Liferay Portal does not limit the depth of a GraphQL queries

Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 through 2023.Q3.2, 7.4 GA through update 92, 7.3 GA through update 35, and 7.2 fix pack 8 through fix pack 20 does not limit the depth of a GraphQL queries, which allows remote attackers to perform denial-of-service (DoS) attacks on the application by executing complex queries.

GHSA-4qqf-9m5c-w2c5: Weblate exposes personal IP address via e-mail

### Impact The audit log notifications included the full IP address of the acting user. This could be obtained by third-party servers such as SMTP relays, or spam filters. ### Patches This issue has been addressed in Weblate 5.12 via https://github.com/WeblateOrg/weblate/pull/15102. ### References Thanks to [micael1](https://hackerone.com/micael1) for reporting this [issue at HackerOne](https://hackerone.com/reports/3179850).

GHSA-57jg-m997-cx3q: Weblate lacks rate limiting when verifying second factor

### Impact The verification of the second factor was not subject to rate limiting. The absence of rate limiting on the second factor endpoint allows an attacker with valid credentials to automate OTP guessing. ### Patches This issue has been addressed in Weblate 5.12 via https://github.com/WeblateOrg/weblate/pull/14918. ### References Thanks to [obscuredeer](https://hackerone.com/obscuredeer) for reporting this [issue at HackerOne](https://hackerone.com/reports/3150564).

Archetyp Dark Web Market Seized, Admin Arrested in Spain

European law enforcement agencies have dismantled Archetyp Market, a long-running dark web platform used primarily for drug sales,…

Updates to Red Hat Advanced Cluster Security for Kubernetes Cloud Service strengthen your security posture

Making sure your Kubernetes environment is secure and compliant is a critical, ongoing challenge, especially for enterprise workloads in the hybrid cloud. To help you meet security requirements with greater confidence and efficiency, we’ve just rolled out key updates to Red Hat Advanced Cluster Security for Kubernetes Cloud Service. This latest release helps significantly strengthen your security posture with newly added industry-standard certifications, including ISO 27001 and PCI DSS 4.0, and deeper integration with key AWS services. These enhancements are designed to streamline compliance