#js

Red Hat Security Advisory 2024-1462-03 - An update for golang is now available for Red Hat Enterprise Linux 9. Issues addressed include a memory leak vulnerability.

Red Hat Security Advisory 2024-1444-03 - An update for the nodejs:16 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1438-03 - An update for nodejs is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-1362-03 - An update for cnf-tests-container, dpdk-base-container, NUMA-aware secondary scheduler, numaresources-operator and numaresources-operator-must-gather is now available for Red Hat OpenShift Container Platform 4.14.

Cross Site Scripting (XSS) vulnerability in SurveyJS Survey Creator v.1.9.132 and before, allows attackers to execute arbitrary code and obtain sensitive information via the title parameter in form.

Cookie pop-ups now show the number of “partners” that websites may share data with. Here's how many of these third-party companies may get your data from some of the most popular sites online.

There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak.

### Summary deserializing json data using `qiskit_ibm_runtime.RuntimeDecoder` can be made to execute arbitrary code given a correctly formatted input string ### Details `RuntimeDecoder` is supposed to be able to deserialize JSON strings containing various special types encoded via `RuntimeEncoder`. However, one can structure a malicious payload to cause the decoder to spawn a subprocess and execute arbitrary code, exploiting this block of code: https://github.com/Qiskit/qiskit-ibm-runtime/blob/16e90f475e78a9d2ae77daa139ef750cfa84ca82/qiskit_ibm_runtime/utils/json.py#L156-L159 ### PoC ```python malicious_data = { "__type__": "settings", "__module__": "subprocess", "__class__": "Popen", "__value__": { "args": ["echo", "hi"] }, } json_str = json.dumps(malicious_data) _ = json.loads(json_str, cls=qiskit_ibm_runtime.RuntimeDecoder) # prints "hi" to the terminal ``` (where obviously "echo hi" can be replaced with something much more malicious) notably the ...

## Summary `jupyter-server-proxy` is used to expose ports local to a Jupyter server listening to web traffic to the Jupyter server's _authenticated users_ by proxying web requests and websockets. Dependent packages ([partial list](https://www.wheelodex.org/projects/jupyter-server-proxy/rdepends/)) also use `jupyter-server-proxy` to expose other popular interactive applications (such as [RStudio](https://github.com/jupyterhub/jupyter-rsession-proxy), [Linux Desktop via VNC](https://github.com/jupyterhub/jupyter-remote-desktop-proxy), [Code Server](https://github.com/betatim/vscode-binder), [Panel](https://github.com/holoviz/jupyter-panel-proxy), etc) along with the Jupyter server. This feature is commonly used in hosted environments (such as a JupyterHub) to expose non-Jupyter interactive frontends or APIs to the user. `jupyter-server-proxy` did not check user authentication appropriately when proxying websockets, allowing unauthenticated access to anyone who had network access to the...

Debian Linux Security Advisory 5641-1 - It was discovered that fontforge, a font editor, is prone to shell command injection vulnerabilities when processing specially crafted files.