#git

### Impact A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's `getRoomUpgradeHistory` function will infinitely recurse in this case, causing the code to hang. This method is public but also called by the 'leaveRoomChain()' method, so leaving a room will also trigger the bug. Even if the CVSS score would be 4.1 ([AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L&version=3.1)) we classify this as High severity issue. ### Patches This was patched in matrix-js-sdk 34.3.1. ### Workarounds Sanity check rooms before passing them to the matrix-js-sdk or avoid calling either `getRoomUpgradeHistory` or `leaveRoomChain`. ### References N/A.

# Attack Vector Then, let me briefly explain the reasons for the errors mentioned above: 1. The 'kubectl edit' command was used to patch the namespace, but this operation requires both 'get' and 'patch' permissions, hence the error. One should use methods like 'curl' to directly send a PATCH request; 2. The webhook does not intercept patch operations on 'kube-system' because 'kube-system' does not have an ownerReference. # Below are my detailed reproduction steps 1. Create a test cluster `kind create cluster --image=kindest/node:v1.24.15 --name=k8s` 2. Install the capsule `helm install capsule projectcapsule/capsule -n capsule-system --create-namespace` 3. Create a tenant ``` kubectl create -f - << EOF apiVersion: capsule.clastix.io/v1beta2 kind: Tenant metadata: name: tenant1 spec: owners: - name: alice kind: User EOF ``` 4. Create user alice ``` ./create-user.sh alice tenant1 capsule.clastix.io export KUBECONFIG=alice-tenant1.kubeconfig ``` 5. Patch kube-system (The first ...

### Impact As an authenticated user one can access a few unintended endpoints

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query access to the impacted datasource.

### Impact Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode.

The Texas Attorney General is suing GM for selling driving data to third parties where they would end up in the hands of insurance companies.

In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and

Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster. "An attacker with command execution in a Pod running within an affected Azure Kubernetes Services cluster could download the configuration used to

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.2. We recommend users to upgrade Apache DolphinScheduler to version 3.2.2, which fixes the issue.

In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition. Older, unsupported versions are also affected. Specifically, an application is vulnerable when the following is true: * The application evaluates user-supplied SpEL expressions.