Tag
#vulnerability
The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.
## Description When the `register_argc_argv php` directive is set to `on` , and users call any URL with a special crafted query string, they are able to change the environment used by the framework when handling the request. ## Resolution The framework now ignores argv values for environment detection on non-cli SAPIs.
Microsoft’s November 2024 Patch Tuesday update fixes 91 security vulnerabilities, including four zero-day vulnerabilities. Critical fixes address actively…
Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today.
### Summary A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. ### Details Zoraxy has a Web SSH terminal feature that allows authenticated users to connect to SSH servers from their browsers. In [`HandleCreateProxySession`](https://github.com/tobychui/zoraxy/blob/9cb315ea6739d1cc201b690322d25166b12dc5db/src/webssh.go#L19) the request to create an SSH session is handled. After checking for the presence of required parameters, ensuring that the target is not the loopback interface and that there is actually an SSH service running on the target, `CreateNewConnection` is called: https://github.com/tobychui/zoraxy/blob/e79a70b7acfa45c2445aff9d60e4e7525c89fec8/src/mod/sshprox/sshprox.go#L165-L178 In line 178, the `gotty` binary is executed running `sshCommand` from the line above. It contains the user-controlled variable `connAddr`, which includes the hostname of the SSH server and - if provided - th...
This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return memory with an incorrect alignment for some allocations, particularly those with large alignments. The flaw was fixed by always using the aligned allocation functions.
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability (however, it's unknown if it could be exploited).
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability (however, it's unknown if it could be exploited).
Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability (however, it's unknown if it could be exploited).
`fast-float` contains multiple soundness issues: 1. [Undefined behavior when checking input length](https://github.com/aldanor/fast-float-rust/issues/28), which has been merged but no package [pubished](https://github.com/aldanor/fast-float-rust/issues/35). 1. [Many functions marked as safe with non-local safety guarantees](https://github.com/aldanor/fast-float-rust/issues/37) The library is also unmaintained. ## Alternatives For quickly parsing floating-point numbers third-party crates are generally no longer needed. A fast float parsing algorithm by the author of `lexical` has been [merged](https://github.com/rust-lang/rust/pull/86761) into libcore. When requiring direct parsing from bytes and/or partial parsers, the [`fast-float2`](https://crates.io/crates/fast-float2) fork of `fast-float` containing these security patches and reduces overall usage of unsafe.