Security
Headlines
HeadlinesLatestCVEs

Tag

#git

A Comprehensive Guide To Prototyping PCB Assembly

By Owais Sultan Explore the world of Prototyping PCB Assembly with our comprehensive guide. Learn, create, and innovate with expert insights. Start your PCB journey today! This is a post from HackRead.com Read the original post: A Comprehensive Guide To Prototyping PCB Assembly

HackRead
#mac#git#kotlin
GHSA-5pf6-2qwx-pxm2: Go SDK for CloudEvents's use of WithRoundTripper to create a Client leaks credentials

### Impact _What kind of vulnerability is it? Who is impacted?_ Using cloudevents.WithRoundTripper to create a cloudevents.Client with an authenticated http.RoundTripper causes the go-sdk to leak credentials to arbitrary endpoints. The relevant code is [here](https://github.com/cloudevents/sdk-go/blob/67e389964131d55d65cd14b4eb32d57a47312695/v2/protocol/http/protocol.go#L104-L110) (also inline, emphasis added): <pre>if p.Client == nil { p.Client = **http.DefaultClient** } if p.roundTripper != nil { p.Client.**Transport = p.roundTripper** } </pre> When the transport is populated with an authenticated transport such as: - [oauth2.Transport](https://pkg.go.dev/golang.org/x/oauth2#Transport) - [idtoken.NewClient(...).Transport](https://pkg.go.dev/google.golang.org/api/idtoken#NewClient) ... then http.DefaultClient is modified with the authenticated transport and will start to send Authorization tokens to **any endpoint** it is used to contact! Found and patched by: @tcnghia and @...

GHSA-j857-7rvv-vj97: JWCrypto vulnerable to JWT bomb Attack in `deserialize` function

## Affected version Vendor: https://github.com/latchset/jwcrypto Version: 1.5.5 ## Description An attacker can cause a DoS attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this Token, it will consume a lot of memory and processing time. ## Poc ```python from jwcrypto import jwk, jwe from jwcrypto.common import json_encode, json_decode import time public_key = jwk.JWK() private_key = jwk.JWK.generate(kty='RSA', size=2048) public_key.import_key(**json_decode(private_key.export_public())) payload = '{"u": "' + "u" * 400000000 + '", "uu":"' + "u" * 400000000 + '"}' protected_header = { "alg": "RSA-OAEP-256", "enc": "A256CBC-HS512", "typ": "JWE", "zip": "DEF", "kid": public_key.thumbprint(), } jwetoken = jwe.JWE(payload.encode('utf-8'), recipient=public_key, protected=protected_header) enc = jwetoken.serialize(compact=True) print("-----uncompress-----") print(len(enc)) begin =...

Fake Skype, Zoom, Google Meet Sites Infecting Devices with Multiple RATs

By Deeba Ahmed Remote Access Trojan Threat: Beware Malicious Downloads Disguised as Meeting Apps. This is a post from HackRead.com Read the original post: Fake Skype, Zoom, Google Meet Sites Infecting Devices with Multiple RATs

GHSA-2pc2-h97h-2mmw: Jenkins iceScrum Plugin vulnerable to stored Cross-site Scripting

Jenkins iceScrum Plugin 1.1.6 and earlier does not sanitize iceScrum project URLs on build views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs.

GHSA-xj36-6xc6-8p9x: Jenkins Delphix Plugin has SSL/TLS certificate validation disabled by default

In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default.

GHSA-64c5-r2h5-c2fg: Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability

A cross-site request forgery (CSRF) vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.

GHSA-pfh3-j79r-vqrj: Jenkins Delphix Plugin has improper SSL/TLS certificate validation

In Jenkins Delphix Plugin 3.0.1 through 3.1.0 (both inclusive) a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections fails to take effect until Jenkins is restarted when switching from disabled validation to enabled validation.

GHSA-8h2m-54wh-gwj3: Jenkins docker-build-step Plugin missing permission check

A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions.

GHSA-mr9j-qqjh-67f2: Jenkins Subversion Partial Release Manager Plugin missing permission check

A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build.