Tag
#ruby
There is a deserialization of untrusted data vulnerability in the Kredis JSON deserialization code. This vulnerability has been assigned the CVE identifier CVE-2023-27531. 'Not affected: None.' 'Versions Affected: All.' 'Fixed Versions: 1.3.0.1' Impact Carefully crafted JSON data processed by Kredis may result in deserialization of untrusted data, potentially leading to deserialization of unexpected objects in the system. Any applications using Kredis with JSON are affected. Releases The fixed releases are available at the normal locations. Workarounds There are no feasible workarounds for this issue. Patches To aid users who aren’t able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. * 1-3-0-1-kredis.patch - Patch for 1.3.0 series Credits Thank you ooooooo_k 7 for reporting this!
P2S CMS version 0.1 suffers from a cross site scripting vulnerability.
A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
### Summary Some avo fields are vulnerable to XSS when rendering html based content. ### Details During the analysis of the web application, a rendered field was discovered that did not filter JS / HTML tags in a safe way and can be abused to execute js code on a client side. The trix field uses the trix editor in the backend to edit rich text data which basically operates with html tags. To display the stored data in a rendered view, the HasHTMLAttributes concern is used. This can be exploited by an attacker to store javascript code in any trix field by intercepting the request and modifying the post data, as the trix editor does not allow adding custom html or js tags on the frontend. ### PoC  _Adding javascript in the post request which is used when editing a "post" resource (body is declared as a trix field)_  when rendering html based content. Attackers do need form edit privilege in order to successfully exploit this vulnerability, but the results are stored and no specific timing is required. This issue has been addressed in commit `7891c01e` which is expected to be included in the next release of avo. Users are advised to configure CSP headers for their application and to limit untrusted user access as a mitigation.
Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes when viewing a manipulated record. This issue has been addressed in commit `ec117882d` which is expected to be included in subsequent releases. Users are advised to limit access to untrusted users until a new release is made.
Reportlab up to v3.6.12 allows attackers to execute arbitrary code via supplying a crafted PDF file.
AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua and Go network intrusion detection system engine. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
Red Hat Security Advisory 2023-3403-01 - The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-3387-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Issues addressed include a cross site scripting vulnerability.