Tag
#ruby
flash_tool Gem for Ruby contains a flaw that is triggered during the handling of downloaded files that contain shell characters. With a specially crafted file, a context-dependent attacker can execute arbitrary commands.
Devise version before 3.5.4 uses cookies to implement a "Remember me" functionality. However, it generates the same cookie for all devices. If an attacker manages to steal a remember me cookie and the user does not change the password frequently, the cookie can be used to gain access to the application indefinitely.
xaviershay-dm-rails Gem for Ruby contains a flaw in the `execute()` function in `/datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb`. The issue is due to the function exposing sensitive information via the process table. This may allow a local attack to gain access to MySQL credential information.
An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
An issue has been discovered in GitLab affecting all versions starting from 12.8 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible to trigger a DoS attack by uploading a malicious nuget package.
Several applications were vulnerable to brute-force attacks; hundreds more could be at risk
Red Hat Security Advisory 2023-0432-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds read vulnerability.
## Impact Several quadratic complexity bugs in commonmarker's underlying [`cmark-gfm`](https://github.com/github/cmark-gfm) library may lead to unbounded resource exhaustion and subsequent denial of service. The following vulnerabilities were addressed: * [CVE-2023-22483](https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c) * [CVE-2023-22484](https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r) * [CVE-2023-22485](https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr) * [CVE-2023-22486](https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p) For more information, consult the release notes for version [`0.23.0.gfm.7`](https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.7). ## Mitigation Users are advised to upgrade to commonmarker version [`0.23.7`](https://rubygems.org/gems/commonmarker/versions/0.23.7).
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4144: QEMU: QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read
### Impact Arbitrary code execution can occur when running `exiftool` against files with hostile metadata payloads ### Patches ExifTool has already been patched in version 12.24. `exiftool_vendored.rb`, which vendors ExifTool, includes this patch in [v12.25.0](https://github.com/exiftool-rb/exiftool_vendored.rb/releases/tag/v12.25.0). ### Workarounds No ### References https://twitter.com/wcbowling/status/1385803927321415687 https://nvd.nist.gov/vuln/detail/CVE-2021-22204 ### For more information If you have any questions or comments about this advisory: Open an issue in [exiftool_vendored.rb](https://github.com/exiftool-rb/exiftool_vendored.rb/issues)