Tag
#vulnerability
A vulnerability was found in the Keycloak-services package. If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) scenario by exhausting system resources due to regular-expression complexity.
A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use `rustls::server::Acceptor::accept()` are affected. Servers that use `tokio-rustls`'s `LazyConfigAcceptor` API are affected. Servers that use `tokio-rustls`'s `TlsAcceptor` API are not affected. Servers that use `rustls-ffi`'s `rustls_acceptor_accept` API are affected.
How well do you know your smart contracts’ health? This article highlights the top five platforms that DeFi…
### Summary

In versions of `dawidd6/action-download-artifact` before v6, a repository's forks were also searched by default when attempting to find matching artifacts. This could be exploited by an unprivileged attacker to introduce compromised artifacts (such as malicious executables) into a privileged workflow context, as creating a fork requires no privileges. Users should immediately upgrade to v6 or newer, which changes the default behavior to avoid searching forks for matching artifacts. Users who cannot upgrade should explicitly set `allow_forks: false` to disable searching forks for artifacts.

### Details

GitHub's artifact storage for workflows does not natively distinguish between artifacts created by a repository and artifacts created by forks of that repository. As a result, attempting to retrieve the "latest" artifact for a workflow run can return artifacts produced by a fork, rather than its upstream. Because any GitHub user can create a fork of a public repository, ...
Ubuntu Security Notice 7121-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Debian Linux Security Advisory 5818-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Ubuntu Security Notice 7124-1 - Andy Boothe discovered that the Networking component of OpenJDK 23 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 23 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information.
Red Hat Security Advisory 2024-9991-03 - An update for openstack-tripleo-common and python-tripleoclient is now available for Red Hat OpenStack Platform 17.1.
Red Hat Security Advisory 2024-9990-03 - An update for openstack-tripleo-common and python-tripleoclient is now available for Red Hat OpenStack Platform 17.1.
Red Hat Security Advisory 2024-9989-03 - An update for python-webob is now available for Red Hat OpenStack Platform 17.1.