Latest News

### Impact _What kind of vulnerability is it? Who is impacted?_ This is an advisory for a **potential polynomial Regular Expression Denial of Service (ReDoS)** vulnerability in the `RegexCriterion` class. This class compiles and evaluates an unvalidated, user-supplied regular expression against the identifier of an `Identifiable` object via `Pattern.compile(regex).matcher(id).find()`. To trigger **polynomial ReDoS** in `RegexCriterion`, **two attacker-controlled conditions** must be met: - **Control over the regex input** passed into the constructor: - _Example:_ An attacker supplies a malicious pattern such as `(.*a){10000}`. - **Control or influence over the output of `Identifiable.getId()`**: - _Example:_ A long string like `"aaaa...!"` that forces excessive backtracking. If both conditions are satisfied, a malicious actor can cause **significant CPU exhaustion** through repeated or recursive `filter(...)` calls — especially if performed over large network models or filterin...

### Impact _What kind of vulnerability is it? Who is impacted?_ This is an advisory for a **potential polynomial Regular Expression Denial of Service (ReDoS)** vulnerability in the PowSyBl's DataSource mechanism. When the `listNames(String regex)` method is called on a DataSource, the user-supplied regular expression (which may be unvalidated) is compiled and evaluated against a collection of file-like resource names. To trigger a **polynomial ReDoS** via this mechanism, **two attacker-controlled conditions** must be met: - **Control over the regex input** passed into `listNames(String regex)`. - _Example:_ An attacker supplies a malicious pattern like `(.*a){10000}`. - **Control or influence over the file/resource names** being matched. - _Example:_ Filenames such as `"aaaa...!"` that induce regex engine backtracking. If both conditions are satisfied, a malicious actor can cause **significant CPU consumption** due to regex backtracking — even with polynomial patterns. Since bot...

### Impact _What kind of vulnerability is it? Who is impacted?_ This is a disclosure for a security vulnerability in the `SparseMatrix` class. The vulnerability is a deserialization issue that can lead to a wide range of privilege escalations depending on the circumstances. The problematic area is the `read` method of the `SparseMatrix` class. This method takes in an `InputStream` and returns a `SparseMatrix` object. We consider this to be a method that can be exposed to untrusted input in at least two use cases: - A user can adopt this method in an application where users can submit an `InputStream` and the application parses it into a `SparseMatrix`. This can be a multi-tenant application that hosts many different users perhaps with different privilege levels. - A user adopts the method for a local tool but receives the `InputStream` from external sources. #### Am I impacted? You are vulnerable if you import non-controlled serialized `SparseMatrix` objects. ### Patches com.powsyb...

Cybercriminals are injecting fake support phone numbers onto official sites like Bank of America and Netflix. Learn how 'search parameter injection' scams work and protect yourself now.

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

### Description There is a path traversal vulnerability in any DotVVM application started in Debug mode, if at least one resource with the `FileResourceLocation` has been added. The vulnerability allows an attacker to read arbitrary files from the filesystem accessible by the web application (i.e. appsettings.json or other files containing secrets). ### Patches The bug is patched in versions **4.2.10**, **4.3.8** and **5.0.0-preview03-final** (and newer). Apart from updating DotVVM, it is also recommend invalidating any secrets which could have been leaked by an application deployed in Debug mode (such as database passwords). ### Workarounds If you cannot update to a patched version, avoid running a publicly accessible DotVVM application in Debug mode (Development environment in Asp.Net Core). It is recommend adding the following statement to the DotvvmStartup class: ``` config.Debug = false; // TODO: workaround for GHSA-6q65-j4jw-9cg8, remove after updating DotVVM ```

### Impact _What kind of vulnerability is it? Who is impacted?_ In certain places, powsybl-core XML parsing is vulnerable to an XXE attack and in on place also to an SSRF attack. This allows an attacker to elevate their privileges to read files that they do not have permissions to, including sensitive files on the system. The vulnerable class is `com.powsybl.commons.xml.XmlReader` which is considered to be untrusted in use cases where untrusted users can submit their XML to the vulnerable methods. This can be a multi-tenant application that hosts many different users perhaps with different privilege levels. #### Am I impacted? You are vulnerable if you allow untrusted users to import untrusted CGMES or XIIDM network files. ### Patches com.powsybl:powsybl-commons:6.7.2 and higher ### References [powsybl-core v6.7.2](https://github.com/powsybl/powsybl-core/releases/tag/v6.7.2)

Instead of constantly fixing security vulnerabilities, organizations should proactively build secure foundations that enable businesses to move faster while reducing risk.

Researchers have uncovered 30 exposed data sets containing over 16 billion login credentials which were likely harvested by infostealers.