#dos

Ubuntu Security Notice 5487-2 - USN-5487-1 fixed a vulnerabilities in Apache. Unfortunately, that update introduced a regression when proxying balancer manager connections in some configurations on Ubuntu 14.04 ESM. This update reverts those changes till further fix. It was discovered that Apache HTTP Server mod_proxy_ajp incorrectly handled certain crafted request. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a denial of service. It was discovered that Apache HTTP Server incorrectly handled certain request. An attacker could possibly use this issue to cause a crash or expose sensitive information. Multiple other issues were also originally addressed.

Ubuntu Security Notice 5491-1 - Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.

An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE pages listed in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-25647: com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese language greyware 'SMS Bomber' tool that is most likely illegally distributed in the Chinese-speaking web," Israeli cybersecurity

### Impact Passing some special values to the `filter` and `filterout` parameters can cause an abnormally high CPU. Impact on the performance of the servers and RSSHub services. ### Patches It is fixed in 5c4177441417b44a6e45c3c63e9eac2504abeb5b , please update to this or the later versions as soon as possible. ### Credits @Rongronggg9 ### References A full report will be disclosed after 120 hours. ### For more information If you have any questions or comments about this advisory: * Open an issue in <https://github.com/DIYgod/RSSHub/issues> * Email us at [i@diygod.me](mailto:i@diygod.me)

### Impact NVFLARE contains a vulnerability in its utils module, where YAML files are loaded via yaml.load() instead of yaml.safe_load(). The deserialization of Untrusted Data, may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity. All versions before 2.1.2 are affected. CVSS Score = 9.8 [AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvd.nist.gov%2Fvuln-metrics%2Fcvss%2Fv3-calculator%3Fvector%3DAV%3AN%2FAC%3AL%2FPR%3AN%2FUI%3AN%2FS%3AU%2FC%3AH%2FI%3AH%2FA%3AH&data=05%7C01%7Cchesterc%40nvidia.com%7Ce9600bde16854b0b380008da4fc544f7%7C43083d15727340c1b7db39efd9ccc17a%7C0%7C0%7C637910005925574215%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5kBrXEmAbqp8R31JCH%2FG95MUly72UPVihnBwiRFmvBY%3D&reserved=0) ### Patches The patch will be included in nvflare==2.1.2 ### Workarounds C...

### Impact NVFLARE contains a vulnerability in its PKI implementation module, where The CA credentials are transported via pickle and no safe deserialization. The deserialization of Untrusted Data may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity. All versions before 2.1.2 are affected. CVSS Score = 9.8 [AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H](https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvd.nist.gov%2Fvuln-metrics%2Fcvss%2Fv3-calculator%3Fvector%3DAV%3AN%2FAC%3AL%2FPR%3AN%2FUI%3AN%2FS%3AU%2FC%3AH%2FI%3AH%2FA%3AH&data=05%7C01%7Cchesterc%40nvidia.com%7Ce9600bde16854b0b380008da4fc544f7%7C43083d15727340c1b7db39efd9ccc17a%7C0%7C0%7C637910005925574215%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5kBrXEmAbqp8R31JCH%2FG95MUly72UPVihnBwiRFmvBY%3D&reserved=0) ### Patches The patch will be included in nvflare==2.1.2...

### Impact When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. This is a security concern for you, if - your service parses untrusted rulex expressions (expressions provided by an untrusted user), and - your service becomes unavailable when the process running rulex aborts due to a stack overflow. ### Patches The crash is fixed in version **0.4.3**. Affected users are advised to update to this version. ### Workarounds None. ### For more information If you have any questions or comments about this advisory: * Open an issue in [rulex](https://github.com/rulex-rs/rulex/issues) * Email me at [ludwig.stecher@gmx.de](mailto:ludwig.stecher@gmx.de) ### Credits Credit for finding these bugs goes to - [evanrichter](https://github.com/evanrichter) - [ForAllSecure Mayhem](https://forallsecure.com/) - [cargo fuzz...

Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of StackOverFlow exception (SOE) whenever nested expressions are being processed. Exploiting this vulnerability results in Denial Of Service (DoS), and it is exploitable when an attacker sends 5 requests that cause SOE in time frame of 5 minutes. This vulnerability affects Internet Information Services (IIS) Applications.

Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices.