Security
Headlines
HeadlinesLatestCVEs

Tag

#git

GHSA-pvp8-3xj6-8c6x: Apache Commons Configuration Uncontrolled Resource Consumption

Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resource consumption when loading untrusted configurations or using unexpected usage patterns. The Apache Commons Configuration team does not intend to fix these issues in 1.x. Apache Commons Configuration 1.x is still safe to use in scenarios where you only load trusted configurations. Users that load untrusted configurations or give attackers control over usage patterns are recommended to upgrade to the 2.x version line, which fixes these issues. Apache Commons Configuration 2.x is not a drop-in replacement, but as it uses a separate Maven groupId and Java package namespace they can be loaded side-by-side, making it possible to do a gradual migration.

ghsa
#vulnerability#ios#apache#git#java#maven
Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials

Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. "The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox," Cisco Talos

From Complexity to Clarity: The Blueprint for Scalable Workflow Automation

Cloud-native applications offer scalable, automated workflows, intelligent data processing, and seamless deployments. However, many organizations still struggle to…

GHSA-889j-63jv-qhr8: Eclipse Jetty HTTP/2 client can force the server to allocate a humongous byte buffer that may lead to OoM and subsequently the JVM to exit

### Original Report In Eclipse Jetty versions 12.0.0 to 12.0.16 included, an HTTP/2 client can specify a very large value for the HTTP/2 settings parameter SETTINGS_MAX_HEADER_LIST_SIZE. The Jetty HTTP/2 server does not perform validation on this setting, and tries to allocate a ByteBuffer of the specified capacity to encode HTTP responses, likely resulting in OutOfMemoryError being thrown, or even the JVM process exiting. ### Impact Remote peers can cause the JVM to crash or continuously report OOM. ### Patches 12.0.17 ### Workarounds No workarounds. ### References https://github.com/jetty/jetty.project/issues/12690

Cyber criminals impersonate payroll, HR and benefits platforms to steal information and funds

As per a recent FBI warning, criminals are phishing users of payroll, and similar platforms to not only steal their credentials but also their funds.

38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases

Cybersecurity researchers have exposed what they say is an "industrial-scale, global cryptocurrency phishing operation" engineered to steal digital assets from cryptocurrency wallets for several years. The campaign has been codenamed FreeDrain by threat intelligence firms SentinelOne and Validin. "FreeDrain uses SEO manipulation, free-tier web services (like gitbook.io, webflow.io, and github.io

Fake Crypto Exchange Ads on Facebook Spread Malware

Bitdefender exposes Facebook ad scams using fake crypto sites and celebrity lures to spread malware via malicious desktop…

GHSA-4h96-mv53-2c86: fast_id_map has a soundness issue and is unmaintained

`FastMap::get()` lacks sufficient checks to its parameter index and is used to unsafely get a `Vec` element. `fast_id_map` is unmaintained.

GHSA-9j94-67jr-4cqj: Rack session gets restored after deletion

## Summary When using the `Rack::Session::Pool` middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session. ## Details [Rack session middleware](https://github.com/rack/rack-session/blob/v2.1.0/lib/rack/session/abstract/id.rb#L271-L278) prepares the session at the beginning of request, then saves is back to the store with possible changes applied by host rack application. This way the session becomes to be a subject of race conditions in general sense over concurrent rack requests. ## Impact When using the `Rack::Session::Pool` middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. ## Mitigation - Update to the latest version of `rack-session`, or - Ensu...

GHSA-vpfw-47h7-xj4g: Rack session gets restored after deletion

### Summary When using the `Rack::Session::Pool` middleware, simultaneous rack requests can restore a deleted rack session, which allows the unauthenticated user to occupy that session. ### Details [Rack session middleware](https://github.com/rack/rack/blob/v2.2.13/lib/rack/session/abstract/id.rb#L263-L270) prepares the session at the beginning of request, then saves is back to the store with possible changes applied by host rack application. This way the session becomes to be a subject of race conditions in general sense over concurrent rack requests. ### Impact When using the `Rack::Session::Pool` middleware, and provided the attacker can acquire a session cookie (already a major issue), the session may be restored if the attacker can trigger a long running request (within that same session) adjacent to the user logging out, in order to retain illicit access even after a user has attempted to logout. ## Mitigation - Update to the latest version of `rack`, or - Ensure your appl...