#js

Red Hat Security Advisory 2024-8235-03 - Red Hat OpenShift Container Platform release 4.14.39 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, and out of bounds write vulnerabilities.

The building management system suffers from an unauthenticated building/project name exposure.

Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also known by the monikers

Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS).

Knwl.js is a Javascript library that parses through text for dates, times, phone numbers, emails, places, and more. Versions 1.0.2 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.

Validate.js provides a declarative way of validating javascript objects. Versions 0.13.1 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.

CommonRegexJS is a CommonRegex port for JavaScript. All available versions contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, no known patches are available.

### Impact A vulnerability has been identified whereby Rancher Manager deployments containing Windows nodes have weak Access Control Lists (ACL), allowing `BUILTIN\Users` or `NT AUTHORITY\Authenticated Users` to view or edit sensitive files which could lead to privilege escalation. The affected files include binaries, scripts, configuration and log files: ``` C:\etc\rancher\wins\config C:\var\lib\rancher\agent\rancher2_connection_info.json C:\etc\rancher\rke2\config.yaml.d\50-rancher.yaml C:\var\lib\rancher\agent\applied\*-*-applied.plan C:\usr\local\bin\rke2 C:\var\lib\rancher\capr\idempotence\idempotent.sh ``` RKE2 nodes expand the list to include the files below: ``` C:\etc\rancher\node\password C:\var\lib\rancher\rke2\agent\logs\kubelet.log C:\var\lib\rancher\rke2\data\v1.**.**-rke2r*-windows-amd64-*\bin\* C:\var\lib\rancher\rke2\bin\* ``` **This vulnerability is exclusive to deployments that contain Windows nodes. Linux-only environments are not affected by it.** Please con...

### Summary A flaw in the URL validation mechanism of Zitadel actions allows bypassing restrictions intended to block requests to localhost (127.0.0.1). The isHostBlocked check, designed to prevent such requests, can be circumvented by creating a DNS record that resolves to 127.0.0.1. This enables actions to send requests to localhost despite the intended security measures. ### Details While attempting to send a request directly to 127.0.0.1 via an action results in an error (see image below), the restriction can be bypassed using a custom DNS record. <img width="781" alt="image" src="https://github.com/user-attachments/assets/6d22dae8-407f-4420-a937-aca53d22d05d"> The relevant action code demonstrates the attempted request to 127.0.0.1: ``` let http = require('zitadel/http') let logger = require("zitadel/log") function make_api_call(ctx, api) { var user = http.fetch('http://127.0.0.1:8080/debug/metrics'); var api_r = http.fetch('https://obtjoiwgtaftuhbjugulyolvvxuvuuosq.oa...

Red Hat Security Advisory 2024-8461-03 - An update for krb5 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.