#git

### Impact DoS vuln via OOM using jq in ignoreDifferences. ``` ignoreDifferences: - group: apps kind: Deployment jqPathExpressions: - 'until(true == false; [.] + [1])' ``` ### Patches A patch for this vulnerability has been released in the following Argo CD versions: v2.10.8 v2.9.13 v2.8.17 ### For more information If you have any questions or comments about this advisory: Open an issue in [the Argo CD issue tracker](https://github.com/argoproj/argo-cd/issues) or [discussions](https://github.com/argoproj/argo-cd/discussions) Join us on [Slack](https://argoproj.github.io/community/join-slack) in channel #argo-cd Credits This vulnerability was found & reported by @crenshaw-dev (Michael Crenshaw) The Argo team would like to thank these contributors for their responsible disclosure and constructive communications during the resolve of this issue

Red Hat Security Advisory 2024-1896-03 - Red Hat OpenShift Container Platform release 4.12.56 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.

Red Hat Security Advisory 2024-1887-03 - Red Hat OpenShift Container Platform release 4.15.10 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Understand what security measures you have in place, what you need to keep secure, and what rules you have to show compliance with.

The targeted operation utilized CVE-2017-8570 as the initial vector and employed a notable custom loader for Cobalt Strike, yet attribution to any known threat actor remains elusive.

By Waqas The official website of Samourai Wallet has been seized, while its official app on the Apple Store and Google Play has been removed. This is a post from HackRead.com Read the original post: Feds Bust Privacy-Centric Samourai Wallet Over BTC Money Laundering

By Waqas As the number of applications and systems used in businesses grows, so do the threats and vulnerabilities that… This is a post from HackRead.com Read the original post: Ensuring the Security and Efficiency of Web Applications and Systems

By Waqas In 2024, integrated residential security solutions are vital for comprehensive protection against evolving threats, safeguarding homes and families with advanced technology and seamless connectivity. This is a post from HackRead.com Read the original post: Integrated Residential Security Solutions to Employ in 2024

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT

Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote guests to team admins via crafted HTTP requests.