#js

Akaunting versions 3.1.3 and below suffer from a remote command execution vulnerability.

Hitachi NAS SMU Backup and Restore versions prior to 14.8.7825.01 suffer from an insecure direct object reference vulnerability.

MongoDB versions 2.0.1, 2.1.1, 2.1.4, and 2.1.5 appear to suffer from multiple localized password disclosure issues.

Ladder versions 0.0.1 through 0.0.21 fail to apply sufficient default restrictions on destination addresses, allowing an attacker to make GET requests to addresses that would typically not be accessible from an external context. An attacker can access private address ranges, locally listening services, and cloud instance metadata APIs.

Red Hat Security Advisory 2024-1239-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-1235-03 - An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-1234-03 - An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-1227-03 - An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 9.

### Summary This vulnerability allows an attacker with a trusted public key to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the recipient, it results in significant memory allocation and processing time during decompression. ### Details **The attacker needs to obtain a valid public key to compress the payload**. It needs to be valid so that the recipient can use to successfully decompress the payload. Furthermore in context JWT processing in the v2 versions, the recipient must explicitly allow JWE handling . The attacker then crafts a message with high compression ratio, e.g. a payload with very high frequency of repeating patterns that can decompress to a much larger size. If the payload is large enough, recipient who is decompressing the data will have to allocate a large amount of memory, which then can lead to a denial of service. The original repo...

A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the [support for decompressing plaintext after its decryption](https://www.rfc-editor.org/rfc/rfc7516.html#section-4.1.3). This allows an adversary to exploit specific scenarios where the compression ratio becomes exceptionally high. As a result, the length of the JWE token, which is determined by the compressed content's size, can land below application-defined limits. In such cases, other existing application level mechanisms for preventing resource exhaustion may be rendered ineffective. Note that as per [RFC 8725](https://www.rfc-editor.org/rfc/rfc8725.html#name-avoid-compression-of-encryp) compression of data SHOULD NOT be done before encryption, because such compressed data often reveals information about the plaintext. For this reason the v5.x major version of `jose` removed support for compressed payloads entirely and is therefore NOT affected by this advisory. ...