Security
Headlines
HeadlinesLatestCVEs

Tag

#ruby

CVE-2022-2175: patch 8.2.5148: invalid memory access when using expression on comman… · vim/vim@6046ade

Buffer Over-read in GitHub repository vim/vim prior to 8.2.

CVE
#git#perl#ruby
Attackers can use ‘Scroll to Text Fragment’ web browser feature to steal data – research

In some scenarios, CSS style specifications can be manipulated to cause browsers to send data to an attacker-controlled server

Red Hat Security Advisory 2022-5002-01

Red Hat Security Advisory 2022-5002-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities.

CVE-2022-31072: Merge pull request #1446 from octokit/updates-release-steps-ic · octokit/octokit.rb@1c8edec

Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version.

GHSA-g28x-pgr3-qqx6: Octokit gem published with world-writable files

### Impact Versions [4.23.0](https://rubygems.org/gems/octokit/versions/4.23.0) and [4.24.0](https://rubygems.org/gems/octokit/versions/4.24.0) of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. Malicious code already present and running on your machine, separate from this package, could modify the gem’s files and change its behavior during runtime. ### Patches * [octokit 4.25.0](https://rubygems.org/gems/octokit/versions/4.25.0) ### Workarounds Users can use the previous version of the gem [v4.22.0](https://rubygems.org/gems/octokit/versions/4.22.0). Alternatively, users can modify the file permissions manually until they are able to upgrade to the la...

GHSA-26qj-cr27-r5c4: Octopoller gem published with world-writable files

### Impact Version [0.2.0](https://rubygems.org/gems/octopoller/versions/0.2.0) of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. Malicious code already present and running on your machine, separate from this package, could modify the gem’s files and change its behavior during runtime. ### Patches * octopoller 0.3.0 ### Workarounds Users can use the previous version of the gem [v0.1.0](https://rubygems.org/gems/octopoller/versions/0.1.0). Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version.

CVE-2022-24127: REDCap Change Log - Eastern Virginia Medical School (EVMS), Norfolk, Hampton Roads

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.

RHSA-2022:5002: Red Hat Security Advisory: virt:av and virt-devel:av security and bug fix update

An update for the virt:av and virt-devel:av modules is now available for Red Hat Enterprise Linux Advanced Virtualization 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4206: QEMU: QXL: integer overflow in cursor_alloc() can lead to heap buffer overflow * CVE-2021-4207: QEMU: QXL: double fetch in qxl_cursor() can lead to heap buffer overflow * CVE-2022-26353: QEMU: virtio-net: map leaking on error during receive * CVE-2022-26354: QEMU: vhos...

GHSA-64qm-hrgp-pgr9: Authorization header leak on port redirect in mechanize

**Summary** Mechanize (rubygem) `< v2.8.5` leaks the `Authorization` header after a redirect to a different port on the same site. **Mitigation** Upgrade to Mechanize v2.8.5 or later. **Notes** See [https://curl.se/docs/CVE-2022-27776.html](CVE-2022-27776) for a similar vulnerability in curl. Cookies are shared with a server at a different port on the same site, per https://datatracker.ietf.org/doc/html/rfc6265#section-8.5 which states in part: > Cookies do not provide isolation by port. If a cookie is readable > by a service running on one port, the cookie is also readable by a > service running on another port of the same server. If a cookie is > writable by a service on one port, the cookie is also writable by a > service running on another port of the same server. For this > reason, servers SHOULD NOT both run mutually distrusting services on > different ports of the same host and use cookies to store security- > sensitive information.