#ruby

WordPress Profile Builder plugin version 3.0.5 suffers from a remote SQL injection vulnerability.

Red Hat Security Advisory 2023-0099-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds read vulnerability.

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4144: QEMU: QXL: qxl_phys2virt unsafe address translation can lead to out-of-bounds read

By Owais Sultan Find out what Kotlin app development will bring to your company, which global giants have already taken advantage… This is a post from HackRead.com Read the original post: Kotlin app development company – How to choose

The personnummer implementation before 3.0.3 for Dart mishandles numbers in which the last four digits match the ^000[0-9]$ regular expression.

The git gem, between versions 1.2.0 and 1.12.0, incorrectly parsed the output of the `git ls-files` command using `eval()` to unescape quoted file names. If a file name was added to the git repository contained special characters, such as `\n`, then the `git ls-files` command would print the file name in quotes and escape any special characters. If the `Git#ls_files` method encountered a quoted file name it would use `eval()` to unquote and unescape any special characters, leading to potential remote code execution. Version 1.13.0 of the git gem was released which correctly parses any quoted file names.

Even very short tasks may be worth automating if you do them frequently. Here's how to decide what to tackle first.

### Impact I found "multipart/form-data request tampering vulnerability" caused by Content-Disposition "filename" lack of escaping in httparty. `httparty/lib/httparty/request` > `body.rb` > `def generate_multipart` https://github.com/jnunemaker/httparty/blob/4416141d37fd71bdba4f37589ec265f55aa446ce/lib/httparty/request/body.rb#L43 By exploiting this problem, the following attacks are possible * An attack that rewrites the "name" field according to the crafted file name, impersonating (overwriting) another field. * Attacks that rewrite the filename extension at the time multipart/form-data is generated by tampering with the filename For example, this vulnerability can be exploited to generate the following Content-Disposition. > Normal Request example: > normal input filename: `abc.txt` > > generated normal header in multipart/form-data > `Content-Disposition: form-data; name="avatar"; filename="abc.txt"` > Malicious Request example > malicious input filename: `overwrite_name_f...

Debian Linux Security Advisory 5310-1 - It was discovered that ruby-image-processing, a ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when using the #apply method to apply a series of operations coming from unsanitized user input.

A vulnerability classified as critical has been found in Hesburgh Libraries of Notre Dame Sipity. This affects the function SearchCriteriaForWorksParameter of the file app/parameters/sipity/parameters/search_criteria_for_works_parameter.rb. The manipulation leads to sql injection. Upgrading to version 2021.8 is able to address this issue. The name of the patch is d1704c7363b899ffce65be03a796a0ee5fdbfbdc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217179.