ghsa

# Description In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. For example: Application X is a web application with a feature that allows users to create Secrets in an Azure KeyVault. Instead of constructing API calls based on user input, Application X uses Azure CLI commands to create the secrets. Application X has input fields presented to the user and the Azure CLI command parameter values are filled based on the user input fields. This input, when formed correctly, could potentially be run as system commands. Below is an example of the resulting Azure CLI command run on the web app's hosting machine. ```bash az keyvault secret set --vault-name SomeVault --name foobar --value "abc123|whoami" ``` The above command could potentially run the `whoami` command on the hosting machine. Interactive, i...

### Impact The actions runner invokes the docker cli directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these docker commands was discovered that allows an input to escape the environment variable and modify that docker command invocation directly. Jobs that use [container actions](https://docs.github.com/en/actions/creating-actions/creating-a-docker-container-action), [job containers](https://docs.github.com/en/actions/using-jobs/running-jobs-in-a-container), or [service containers](https://docs.github.com/en/actions/using-containerized-services/about-service-containers) alongside untrusted user inputs in environment variables may be vulnerable. ### Patches The Actions Runner has been patched, both on `github.com` and hotfixes for GHES and GHAE customers. Please update to one of the following versions of the runner: - 2.296.2 - 2.293.1 - 2.289.4 - 2.285.2 - 2.283.4 GHES and GHAE customers may...

A vulnerability in Batik of Apache XML Graphics allows an attacker to run untrusted Java code from an SVG. This issue affects Apache XML Graphics prior to 1.16. It is recommended to update to version 1.16.

A vulnerability in Batik of Apache XML Graphics allows an attacker to run Java code from untrusted SVG via JavaScript. This issue affects Apache XML Graphics prior to 1.16. Users are recommended to upgrade to version 1.16.

Apache Geode versions up to 1.15.0 are vulnerable to a Cross-Site Scripting (XSS) via data injection when using Pulse web application to view Region entries.

The collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A denial of service vulnerability exists in .NET 5.0, .NET Core 3.1 and .NET Core 2.1 where .NET (Core) server applications providing WebSocket endpoints could be tricked into endlessly looping while trying to read a single WebSocket frame. ### Patches * If you're using .NET 5.0, you should download and install Runtime 5.0.9 or SDK 5.0.206 (for Visual Studio 2019 v16.8) or SDK 5.0.303 (for Visual Studio 2019 V16.10) from https://dotnet.microsoft.com/download/dotnet-core/5.0. * If you're using .NET Core 3.1, you should download and install Runtime 3.1.18 or SDK 3.1.118 (for Visual Studio 2019 v16.4) or 3.1.412 (for Visual Studio 2019 v16.7 or later) from https://dotnet.microsoft.com/download/dotnet-core/3.1. * If you're using .NET Core 2.1, ...

In free5GC 3.2.1, a malformed NGAP message can crash the AMF and NGAP decoders via an index-out-of-range panic in `aper.GetBitString`.

Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0, .NET 5.0 and .NET Core 3.1. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in .NET 6.0, .NET 5.0 and .NET Core 3.1 where a malicious client can cause a Denial of Service via excess memory allocations through HttpClient. ### Affected software * Any .NET 6.0 application running on .NET 6.0.4 or earlier. * Any .NET 5.0 application running .NET 5.0.16 or earlier. * Any .NET Core 3.1 applicaiton running on .NET Core 3.1.24 or earlier. ### Patches * If you're using .NET Core 6.0, you should download and install Runtime 6.0.5 or SDK 6.0.105 (for Visual Studio 2022 v17.0) or SDK 6.0.203 (for Visual Studio 2022 v17.1) from https://dotnet.microsoft.com/download/dotnet-core/6.0. * If you're using .NET 5.0, you should download and install Runtime 5.0.17 or SDK 5.0.214 (for Visual Studio 2019 v1...