#js

OpenStack Horizon fails to validate the token provided during a SAML request allowing an attacker to forge a REFERER for redirection.

Red Hat Security Advisory 2022-7054-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7053-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 17 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include buffer overflow and randomization vulnerabilities.

Red Hat Security Advisory 2022-7013-01 - The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Issues addressed include buffer overflow and randomization vulnerabilities.

LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b.

LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.

Auth. (admin+) Stored Cross-Site Scripting (XSS) in Fatcat Apps Analytics Cat plugin <= 1.0.9 on WordPress.

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

### Impact _What kind of vulnerability is it? Who is impacted?_ In Hardened JavaScript, programs can `harden` objects to safely share objects with co-tenant programs without risk of these other programs tampering with their API surface. Hardening does not guarantee that objects are pure or immutable, so a hardened `Map`, for example is superficially tamper-proof, but any party holding a reference to the object can both read and write its contents. Based on this precedent, and because `TypedArray` instances cannot be frozen with `Object.isFrozen`, `harden` does not `freeze` `TypedArrays` and instead makes them non-extensible and makes all non-indexed properties non-writable and non-configurable. This is consistent with the treatment of `Map` because the indexed properties represent mutable content and non-indexed properties represent the API. Due to a defect in `harden`, properties that have names that parse as numbers but are not the same as the canonical representation of those numb...