Security
Headlines
HeadlinesLatestCVEs

Tag

#ruby

GHSA-m875-3xf6-mf78: unpoly-rails Denial of Service vulnerability

There is a possible Denial of Service (DoS) vulnerability in the unpoly-rails gem that implements the [Unpoly server protocol](https://unpoly.com/up.protocol) for Rails applications. ### Impact This issues affects Rails applications that operate as an upstream of a load balancer's that uses [passive health checks](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#passive-health-checks). The [unpoly-rails](https://github.com/unpoly/unpoly-rails/) gem echoes the request URL as an `X-Up-Location` response header. By making a request with exceedingly long URLs (paths or query string), an attacker can cause unpoly-rails to write a exceedingly large response header. If the response header is too large to be parsed by a load balancer downstream of the Rails application, it may cause the load balancer to remove the upstream from a load balancing group. This causes that application instance to become unavailable until a configured timeout is reached or until an activ...

ghsa
#vulnerability#dos#git#nginx#ruby
CVE-2023-28846: GitHub - unpoly/unpoly-rails: Ruby on Rails bindings for Unpoly

Unpoly is a JavaScript framework for server-side web applications. There is a possible Denial of Service (DoS) vulnerability in the `unpoly-rails` gem that implements the Unpoly server protocol for Rails applications. This issues affects Rails applications that operate as an upstream of a load balancer's that uses passive health checks. The `unpoly-rails` gem echoes the request URL as an `X-Up-Location` response header. By making a request with exceedingly long URLs (paths or query string), an attacker can cause unpoly-rails to write a exceedingly large response header. If the response header is too large to be parsed by a load balancer downstream of the Rails application, it may cause the load balancer to remove the upstream from a load balancing group. This causes that application instance to become unavailable until a configured timeout is reached or until an active healthcheck succeeds. This issue has been fixed and released as version 2.7.2.2 which is available via RubyGems and Gi...

CVE-2023-28501: Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based buffer overflow in the unirpcd daemon that, if successfully exploited, can lead to remote code execution as the root user.

Red Hat Security Advisory 2023-1486-01

Red Hat Security Advisory 2023-1486-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, code execution, and denial of service vulnerabilities.

ChatGPT helps both criminals and law enforcement, says Europol report

Categories: News Tags: ChatGPT Tags: large language models Tags: LLMs Tags: jailbreak Tags: restrictions Tags: impersonating Tags: misinformation Subject matter experts at Europol were asked to explore how criminals can abuse LLMs such as ChatGPT, as well as how they may assist investigators in their daily work (Read more...) The post ChatGPT helps both criminals and law enforcement, says Europol report appeared first on Malwarebytes Labs.

RHSA-2023:1486: Red Hat Security Advisory: Red Hat Gluster Storage web-admin-build security update

An update is now available for Red Hat Gluster Storage 3.5 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24790: A HTTP request smuggling flaw was found in puma. This issue occurs when using puma behind a proxy. Puma does not validate incoming HTTP requests, as per RFC specification, leading to loss of integrity. * CVE-2022-30122: A denial of service flaw was found in ruby-rack. An attacker crafting multipart POST requests can cause Rack's multipart parser...

CVE-2023-28102: GHSL-2022-094: Remote Code Execution in discordrb - CVE-2023-28102

discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. The library is not directly exploitable: the exploit requires that some client of the library calls the vulnerable method with user input. However, if unsafe input reaches the library method, then an attacker can execute arbitrary shell commands on the host machine. Full impact will depend on the permissions of the process running the `discordrb` library and will likely not be total system access. This issue has been addressed in code, but a new release of the `discordrb` gem has not been uploaded to rubygems. This issue is also tracked as `GHSL-2022-094`.

CVE-2023-28630: Releases - Version notes | GoCD

GoCD is an open source continuous delivery server. In GoCD versions from 20.5.0 and below 23.1.0, if the server environment is not correctly configured by administrators to provide access to the relevant PostgreSQL or MySQL backup tools, the credentials for database access may be unintentionally leaked to admin alerts on the GoCD user interface. The vulnerability is triggered only if the GoCD server host is misconfigured to have backups enabled, but does not have access to the `pg_dump` or `mysqldump` utility tools to backup the configured database type (PostgreSQL or MySQL respectively). In such cases, failure to launch the expected backup utility reports the shell environment used to attempt to launch in the server admin alert, which includes the plaintext database password supplied to the configured tool. This vulnerability does not affect backups of the default on-disk H2 database that GoCD is configured to use. This issue has been addressed and fixed in GoCD 23.1.0. Users are advi...

Joomla! 4.2.7 Unauthenticated Information Disclosure

Joomla! versions prior to 4.2.8 suffer from an unauthenticated information disclosure vulnerability.