Security Headlines: Latest CVEs

Source: ghsa
GHSA-7wg4-8m5p-hrfg: HashiCorp Nomad vulnerable to non-sensitive metadata exposure

In HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1, a workload identity token can list non-sensitive metadata for paths under nomad/ that belong to other jobs in the same namespace. Fixed in 1.4.2.

GHSA-9fmc-5fq4-5jwh: HashiCorp Nomad vulnerable to Insufficient Session Expiration

In HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.4.1, event stream subscribers using a token with a TTL continue to receive updates until the token is garbage collected. Fixed in 1.4.2.

GHSA-6c6p-h79f-g6p4: Istio may allow identity impersonation if user has localhost access

### Impact

A user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane.

### Patches

1.15.3

### Workarounds

No. If using 1.15.2, please upgrade to 1.15.3 or later.

### References

None at this time.

### For more information

If you have any questions or comments about this advisory, please email us at [[email protected]](mailto:[email protected])

GHSA-xprv-wvh7-qqqx: Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers

### Impact

Keywords that are specified in the Parse Server option `requestKeywordDenylist` can be injected via Cloud Code Webhooks or Triggers. This results in the keyword being saved to the database, bypassing the `requestKeywordDenylist` option.

### Patches

Improved keyword detection.

### Workarounds

Configure your firewall to only allow trusted servers to make requests to the Parse Server Cloud Code Webhooks API, or block the API completely if you are not using the feature.

### Collaborators

Mikhail Shcherbakov, Cristian-Alexandru Staicu and Musard Balliu working with Trend Micro Zero Day Initiative

GHSA-5m7g-pj8w-7593: Vela Insecure Defaults

### Impact

Some current default configurations for Vela allow exploitation and container breakouts.

#### Default Privileged Images

Running Vela plugins as privileged Docker containers allows a malicious user to easily break out of the container and gain access to the worker host operating system. On a fresh install of Vela without any additional configuration, the `target/vela-docker` plugin will run as a privileged container, even if the Vela administrators did not intend to allow for any privileged plugins, and even if the `vela.yml` configuration file does not use the `privileged = True` flag. Privileged containers permit trivial breakouts, which can pose significant risk to the environment in which Vela is running.

#### Default Allowed Repositories

On a fresh install of Vela, anyone with a GitHub account (or other enabled source control management solution) is allowed to enable a repository within Vela and run builds. This means that, if a Vela instance is accessible to the pu...

GHSA-3wmg-28v9-8hf6: Subrion CMS is vulnerable to Cross-Site Scripting (XSS)

A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS version 4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.

GHSA-jrvr-gmqv-hgrh: Subrion CMS is vulnerable to Cross-Site Scripting (XSS)

A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS in version 4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.

GHSA-3ppm-fwhm-qqg6: FeehiCMS is vulnerable to Cross-Site Scripting (XSS)

FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at /web/admin/index.php?r=log%2Fview-layer.

GHSA-p72g-cgh9-ghjg: Failing DTLS handshakes may cause throttling to block processing of records

### Impact

Failing handshakes didn't clean up the counters used for throttling. In consequence, the threshold may be reached and never released again, which results in records being dropped permanently. The issue was reported for certificate-based handshakes, but it cannot be excluded that it also happens for PSK-based handshakes. It affects both client and server.

### Patches

main: commit 726bac57659410da463dcf404b3e79a7312ac0b9

2.7.x: commit 5648a0c27c2c2667c98419254557a14bac2b1f3f

Users are requested to update to 3.7.0. If Californium 2 support is required, users are requested to update to 2.7.4.

### Workarounds

None.

GHSA-8g2p-5pqh-5jmc: .NET Information Disclosure Vulnerability

Microsoft is releasing this security advisory to provide information about a vulnerability in .NET, .NET Core and .NET Framework's System.Data.SqlClient and Microsoft.Data.SqlClient NuGet packages. A vulnerability exists in the System.Data.SqlClient and Microsoft.Data.SqlClient libraries where a timeout occurring under high load can cause incorrect data to be returned as the result of an asynchronously executed query.

## <a name="mitigation-factors"></a>Mitigation factors

If you are not talking to Microsoft SQL Server from your application, you are not affected by this vulnerability.

### <a name="how-affected"></a>How do I know if I am affected?

.NET has two types of dependencies: direct and transitive. Direct dependencies are dependencies where you specifically add a package to your project; transitive dependencies occur when you add a package to your project that in turn relies on another package. For example, the Microsoft.AspNetCore.Mvc package depends on the Microsoft.AspNetCore...