#vulnerability

Ubuntu Security Notice 6789-1 - Amel Bouziane-Leblond discovered that LibreOffice incorrectly handled graphic on-click bindings. If a user were tricked into clicking a graphic in a specially crafted document, a remote attacker could possibly run arbitrary script.

Ubuntu Security Notice 6788-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Ubuntu Security Notice 6786-1 - It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to execute arbitrary code.

Ubuntu Security Notice 6673-3 - USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 24.04 LTS. It was discovered that python-cryptography incorrectly handled memory operations when processing mismatched PKCS#12 keys. A remote attacker could possibly use this issue to cause python-cryptography to crash, leading to a denial of service. This issue only affected Ubuntu 23.10.

Red Hat Security Advisory 2024-3369-03 - An update is now available for Red Hat OpenShift GitOps v1.10.6 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

Red Hat Security Advisory 2024-3368-03 - An update is now available for Red Hat OpenShift GitOps v1.12.3 to address the CVE-2024-31989, Unprivileged pod in a different namespace on the same cluster could connect to the Redis server on port 6379. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

### Impact Attackers can exploit the vulnerability to read and delete files and folders from an arbitrary, writable directory as anyone can set the output folder when submitting the request via the `outputFolder` option. ### Patches The issue was fixed via https://github.com/OpenAPITools/openapi-generator/pull/18652 (included in v7.6.0 release) by removing the usage of the `outputFolder` option. ### Workarounds No workaround available. ### References No other reference available.

A moderate severity security vulnerability has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This advisory outlines the vulnerability, affected versions, and provides guidance for mitigation. ### Impact This vulnerability is of moderate severity due to the potential for unauthorized write access to particular Ruby files managed by the library. Such access could lead to the alteration of application behavior or data integrity issues. ### Resolution Those who use the `gem install` command, such as `gem install kaminari -v 0.16.1`, `gem unpack kaminari -v 0.16.1`, or `bundle install` to download the package would **_not_** be affected and no action is required. Those who manually download and decompressing the affected versions are advised to update to 0.16.2 or later version of Kaminari where file permissions have been adjusted to enhance security. ### Workarounds If upgrading is not feasible immediately, manually adju...

The GraphQL controller lacked any CSRF protection, meaning authenticated users could be forced or tricked into visiting a URL that would send a GET request to the affected web server that could mutate or destroy data without the user knowing.

A potential SQL injection vulnerability was identified by using the silverstripe/postgresql database adapter. While unlikely to be exploitable, we have patched silverstripe/framework to ensure that table names are safely escaped before being passed to database adapters or user code.