Tag
#git
## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8v4w-f4r9-7h6x. This link is maintained to preserve external references. ## Original Description Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm.
## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xwgj-vpm9-q2rq. This link is maintained to preserve external references. ## Original Description Vulnerable juju introspection abstract UNIX domain socket. An abstract UNIX domain socket responsible for introspection is available without authentication locally to network namespace users. This enables denial of service attacks.
Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming,
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. "The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in the crypto ecosystem,"
### Impact When using `tonic::transport::Server` there is a remote DoS attack that can cause the server to exit cleanly on accepting a tcp/tls stream. This can be triggered via causing the accept call to error out with errors there were not covered correctly causing the accept loop to exit. More information can be found [here](https://github.com/hyperium/tonic/issues/1897) ### Patches Upgrading to tonic `0.12.3` and above contains the fix. ### Workarounds A custom accept loop is a possible workaround.
### Summary Stored Cross-Site Scripting (XSS) can archive via Uploading a new Background for a Custom Map. ### Details Users with "admin" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload which will trigger onload. This led to Stored Cross-Site Scripting (XSS). ### PoC 1. Login using an Admin role account. 2. Go over to "$URL/maps/custom", the Manage Custom Maps.  3. Create a new map then choose to edit it. 4. Choose the "Set Background" option.  5. Choose to upload a SVG file that have this content. ```svg <svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.domain)"> <circle cx="50" cy="50" r="40" /> </svg> ``` 6. Once uploaded, there should be a link to the SVG return in the POST request to the API "$URL/maps/custom/1/background". ![ima...
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
Next time you need to activate a subscription on your TV, watch out for these fake sites scammers are using to trick you and steal your money.