Security
Headlines
HeadlinesLatestCVEs

Tag

#java

GHSA-65xh-hh78-6454: Denial of Service in extension "Code Highlight" (codehighlight)

The codehighlight extension bundles a vulnerable version of the 3rd party JavaScript component “prism” which is known to be vulnerable against Regular expression Denial of Service (ReDoS).

ghsa
Open in Source
#vulnerability#dos#git#java
GHSA-xjwx-78x7-q6jc: TYPO3 vulnerable to an HTML Injection in the History Module

### Problem The history backend module is vulnerable to HTML injection. Although Content-Security-Policy headers effectively prevent JavaScript execution, adversaries can still inject malicious HTML markup. Exploiting this vulnerability requires a valid backend user account. ### Solution Update to TYPO3 version 13.1.1 that fixes the problem described. ### Credits Thanks to TYPO3 core team member Andreas Kienast who reported this issue and to TYPO3 core & security team Benjamin Franzke who fixed the issue. ### References * [TYPO3-CORE-SA-2024-007](https://typo3.org/security/advisory/typo3-core-sa-2024-007)

GHSA-m44j-cfrm-g8qc: Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public key.

GHSA-v435-xc8x-wvr9: Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception processing.

GHSA-8xfc-gm6g-vgpv: Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024. Out-of-bounds write bugs could be typically

Update Chrome now! Google releases emergency security patch

Google has released security patches for two vulnerabilities. Make sure you're using the latest version.

CVE-2024-30054: Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is sensitive information.

GHSA-h6r4-xvw6-jc5h: NocoDB Vulnerable to Stored Cross-Site Scripting in Formula.vue

### Summary A stored cross-site scripting vulnerability exists within the Formula virtual cell comments functionality. ### Details The nc-gui/components/virtual-cell/Formula.vue displays a v-html tag with the value of "urls" whose contents are processed by the function replaceUrlsWithLink(). This function recognizes the pattern URI::(XXX) and creates a hyperlink tag <a> with href=XXX. However, it leaves all the other contents outside of the pattern URI::(XXX) unchanged, which makes the evil users can create a malicious table with a formula field whose payload is <img src=1 onerror="malicious javascripts"URI::(XXX). The evil users then can share this table with others by enabling public viewing and the victims who open the shared link can be attacked. ### PoC Step 1: Attacker login the nocodb and creates a table with two fields, "T" and "F". The type of field "T" is "SingleLineText", and the type of the "F" is "Fomula" with the formula content {T} Step 2: The attacker sets the content...