Source
ghsa
### Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork (network partition requiring hard fork) ### Description Lodestar client may fail to decode snappy framing compressed messages. ### Vulnerability Details In Req/Resp protocol the message are encoded by using ssz_snappy encoding, which is basically snappy framing compression over ssz encoded message. It's mentioned here - https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/p2p-interface.md ``` The token of the negotiated protocol ID specifies the type of encoding to be used for the req/resp interaction. Only one value is possible at this time: ssz_snappy: The contents are first SSZ-encoded and then compressed with Snappy frames compression. For objects containing a single field, only the field is SSZ-encoded not a container with a single field. For example, the BeaconBlocksByRoot request is an SSZ-encoded list of Root's. This encoding type MUST be supp...
### Impact A vulnerability has been identified within Rancher UI that allows a malicious actor to perform a Stored XSS attack through the cluster description field. Please consult the associated [MITRE ATT&CK - Technique - Drive-by Compromise](https://attack.mitre.org/techniques/T1189/) for further information about this category of attack. ### Patches The fix introduces new changes in the directives responsible for sanitizing HTML code before rendering. We replaced the `v-tooltip` directive with the `v-clean-tooltip` directive. Patched versions include releases `2.9.4` and `2.10.0`. ### Workarounds There are no workarounds for this issue. Users are recommended to upgrade, as soon as possible, to a version of /Rancher Manager which contains the fixes. ### Credits This issue was identified and reported by Bhavin Makwana from Workday’s Cyber Defence Team. ### For more information If you have any questions or comments about this advisory: - Reach out to the [SUSE Rancher Security...
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions `clean_ipv6_address` and `is_valid_ipv6_address` are vulnerable, as is the `django.forms.GenericIPAddressField` form field. (The django.db.models.GenericIPAddressField model field is not affected.)
### Impact When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the `git-credential(1)` command without checking for embedded line-ending control characters, and then sends any credentials it receives back from the Git credential helper to the remote host. By inserting URL-encoded control characters such as line feed (LF) or carriage return (CR) characters into the URL, an attacker may be able to retrieve a user's Git credentials. ### Patches This problem exists in all previous versions and is patched in v3.6.1. All users should upgrade to v3.6.1. ### Workarounds There are no workarounds known at this time. ### References * https://github.com/git-lfs/git-lfs/security/advisories/GHSA-q6r2-x2cc-vrp7 * https://nvd.nist.gov/vuln/detail/CVE-2024-53263 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53263 * https://github.com/git-lfs/git-lfs/releases/tag/v3.6.1 * [git-lfs/git-lfs@0345b6f816](https://github.com/git-lfs/git-lf...
# Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. An attacker could exploit this vulnerability by loading a specially crafted file in Visual Studio. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/runtime/issues/111425 ## <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 8.0 application running on .NET 8.0.11 or earlier. * Any .NET 9.0 application running on .NET 9.0.0 or earlier. ## <a name="affected-packages"></a>Affected Packages The vulnerability affects...
# Microsoft Security Advisory CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. An attacker could exploit this vulnerability by loading a specially crafted file in Visual Studio. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/runtime/issues/111424. ## <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 8.0 application running on .NET 8.0.11 or earlier. * Any .NET 9.0 application running on .NET 9.0.0 or earlier. ## <a name="affected-packages"></a>Affected Packages The vulnerability affect...
# Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability ## <a name="executive-summary"></a>Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. An attacker could exploit this vulnerability by sending a specially crafted request to the vulnerable web server. ## Announcement Announcement for this issue can be found at https://github.com/dotnet/runtime/issues/111423 ## <a name="mitigation-factors"></a>Mitigation factors Microsoft has not identified any mitigating factors for this vulnerability. ## <a name="affected-software"></a>Affected software * Any .NET 9.0 application running on .NET 9.0.0 or earlier. ## <a name="affected-packages"></a>Affected Packages The vulnerability affects any Microsoft .NET project if it uses any of affected packages versions list...
### Impact Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. ### Patches Patched in 8.13.16, 10.5.7, 13.2.2, 14.1.2
### Description The [Git credential protocol](https://git-scm.com/docs/git-credential#IOFMT) is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format `key=value`. Git's documentation restricts the use of the NUL (`\0`) character and newlines to form part of the keys[^1] or values. When Git reads from standard input, it considers both LF and CRLF[^2] as newline characters for the credential protocol by virtue of [calling `strbuf_getline`](https://github.com/git/git/blob/6a11438f43469f3815f2f0fc997bd45792ff04c0/credential.c#L311) that calls to `strbuf_getdelim_strip_crlf`. Git also validates that a newline is not present in the value by checking for the presence of the line-feed character (LF, `\n`), and errors if this is the case. This captures both LF and CRLF-type newlines. Git Credential Manager uses the .NET standard library [`StreamReader`](https://learn.microsoft.com/en-us/dotnet/api/system.io.streamreader?view=net-8.0) class t...
A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups “SuperUser”, “Admin”, or “Maintainer”.