Security
Headlines
HeadlinesLatestCVEs

Tag

#ruby

Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys

By Deeba Ahmed Aabquerys use the typosquatting technique to encourage downloading malicious components, as it has been cleverly named to make it sound like the legitimate NPM module Abquery. This is a post from HackRead.com Read the original post: Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys

HackRead
#google#nodejs#git#java#auth#ruby
RHSA-2023:0742: Red Hat Security Advisory: RHUI 4.3.0 release - Security Fixes, Bug Fixes, and Enhancements Update

An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.3 fixes a security bug, introduces multiple new features, and upgrades underlying Pulp to a Long Term Support (LTS) version.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-44420: In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. * CVE-2022-41323: A denial of service flaw was discovered in Django. This issue occurs when incorrectly handling certain internationalized URLs. A malicious attacker could use this issue to cause a crash, resulting in a denial of service.

CVE-2023-22795: [CVE-2023-22795] Possible ReDoS based DoS vulnerability in Action Dispatch

A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.0.4.1 related to the If-None-Match header. A specially crafted HTTP If-None-Match header can cause the regular expression engine to enter a state of catastrophic backtracking, when on a version of Ruby below 3.2.0. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability All users running an affected release should either upgrade or use one of the workarounds immediately.

CVE-2022-44566: Forcing Sequential Scans on PostgreSQL Using Large Integers (2022-11-01)

A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.

Hikvision Remote Code Execution / XSS / SQL Injection

Some Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.

GHSA-6325-6g32-7p35: flash_tool Gem for Ruby File Download Handling Arbitrary Command Execution

flash_tool Gem for Ruby contains a flaw that is triggered during the handling of downloaded files that contain shell characters. With a specially crafted file, a context-dependent attacker can execute arbitrary commands.

GHSA-746g-3gfp-hfhw: Devise Gem for Ruby Unauthorized Access Using Remember Me Cookie

Devise version before 3.5.4 uses cookies to implement a "Remember me" functionality. However, it generates the same cookie for all devices. If an attacker manages to steal a remember me cookie and the user does not change the password frequently, the cookie can be used to gain access to the application indefinitely.

GHSA-88p8-4vv5-82j7: xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

xaviershay-dm-rails Gem for Ruby contains a flaw in the `execute()` function in `/datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb`. The issue is due to the function exposing sensitive information via the process table. This may allow a local attack to gain access to MySQL credential information.