Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Sweet Security Introduces Patent-Pending LLM-Powered Detection Engine, Reducing Cloud Detection Noise to 0.04%

Tel Aviv, Israel, 15th January 2025, CyberNewsWire

HackRead
Open in Source
#vulnerability#git#zero_day
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

An ongoing malvertising campaign steals Google advertiser accounts via fraudulent ads for Google Ads itself.

Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers

A critical vulnerability (CVE-2024-50603) in the Aviatrix Controller allows unauthenticated RCE. Active exploitation observed by Wiz Research in…

GHSA-m9c9-mc2h-9wjw: Lodestar snappy checksum issue

### Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork (network partition requiring hard fork) Lodestar does not verify checksum in snappy framing uncompressed chunks. ### Vulnerability Details In Req/Resp protocol the messages are encoded by using ssz_snappy encoding, which is a snappy framing compression over ssz encoded message. In snappy framing format there are uncompressed chunks, each such chunk is prefixed with a checksum. Let's see how golang implementation parses such chunks - https://github.com/golang/snappy/blob/master/decode.go#L176 ``` case chunkTypeUncompressedData: // Section 4.3. Uncompressed data (chunk type 0x01). if chunkLen < checksumSize { r.err = ErrCorrupt return r.err } buf := r.buf[:checksumSize] if !r.readFull(buf, false) { return r.err } checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24 // Read directly into r.decod...

GHSA-53rv-hcvm-rpp9: Lodestar snappy decompression issue

### Impact Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork (network partition requiring hard fork) ### Description Lodestar client may fail to decode snappy framing compressed messages. ### Vulnerability Details In Req/Resp protocol the message are encoded by using ssz_snappy encoding, which is basically snappy framing compression over ssz encoded message. It's mentioned here - https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/p2p-interface.md ``` The token of the negotiated protocol ID specifies the type of encoding to be used for the req/resp interaction. Only one value is possible at this time: ssz_snappy: The contents are first SSZ-encoded and then compressed with Snappy frames compression. For objects containing a single field, only the field is SSZ-encoded not a container with a single field. For example, the BeaconBlocksByRoot request is an SSZ-encoded list of Root's. This encoding type MUST be supp...

GHSA-2v2w-8v8c-wcm9: Rancher UI has Stored Cross-site Scripting vulnerability

### Impact A vulnerability has been identified within Rancher UI that allows a malicious actor to perform a Stored XSS attack through the cluster description field. Please consult the associated [MITRE ATT&CK - Technique - Drive-by Compromise](https://attack.mitre.org/techniques/T1189/) for further information about this category of attack. ### Patches The fix introduces new changes in the directives responsible for sanitizing HTML code before rendering. We replaced the `v-tooltip` directive with the `v-clean-tooltip` directive. Patched versions include releases `2.9.4` and `2.10.0`. ### Workarounds There are no workarounds for this issue. Users are recommended to upgrade, as soon as possible, to a version of /Rancher Manager which contains the fixes. ### Credits This issue was identified and reported by Bhavin Makwana from Workday’s Cyber Defence Team. ### For more information If you have any questions or comments about this advisory: - Reach out to the [SUSE Rancher Security...

1Password's Trelica Buy Part of Broader Shadow IT Play

The acquisition accelerates 1Password's ongoing efforts to expand the role of the password manager with secure SaaS management.

GHSA-qcgg-j2x8-h9g8: Django has a potential denial-of-service vulnerability in IPv6 validation

An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions `clean_ipv6_address` and `is_valid_ipv6_address` are vulnerable, as is the `django.forms.GenericIPAddressField` form field. (The django.db.models.GenericIPAddressField model field is not affected.)

GHSA-q6r2-x2cc-vrp7: Git LFS permits exfiltration of credentials via crafted HTTP URLs

### Impact When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the `git-credential(1)` command without checking for embedded line-ending control characters, and then sends any credentials it receives back from the Git credential helper to the remote host. By inserting URL-encoded control characters such as line feed (LF) or carriage return (CR) characters into the URL, an attacker may be able to retrieve a user's Git credentials. ### Patches This problem exists in all previous versions and is patched in v3.6.1. All users should upgrade to v3.6.1. ### Workarounds There are no workarounds known at this time. ### References * https://github.com/git-lfs/git-lfs/security/advisories/GHSA-q6r2-x2cc-vrp7 * https://nvd.nist.gov/vuln/detail/CVE-2024-53263 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53263 * https://github.com/git-lfs/git-lfs/releases/tag/v3.6.1 * [git-lfs/git-lfs@0345b6f816](https://github.com/git-lfs/git-lf...