### Impact
Under certain circumstances an action could set [reserved claims](https://zitadel.com/docs/apis/openidoauth/claims#reserved-claims) managed by ZITADEL.

For example it would be possible to set the claim `urn:zitadel:iam:user:resourceowner:name`

```json
{"urn:zitadel:iam:user:resourceowner:name": "ACME"}
```

if it was not set by ZITADEL itself.

To compensate for this we introduced a protection that does prevent actions from changing claims that start with `urn:zitadel:iam`

### Patches
2.x versions are fixed on >= [2.48.3](https://github.com/zitadel/zitadel/releases/tag/v2.48.3)
2.47.x versions are fixed on >= [2.47.8](https://github.com/zitadel/zitadel/releases/tag/v2.47.8)
2.46.x versions are fixed on >= [2.46.5](https://github.com/zitadel/zitadel/releases/tag/v2.46.5)
2.45.x versions are fixed on >= [2.45.5](https://github.com/zitadel/zitadel/releases/tag/v2.45.5)
2.44.x versions are fixed on >= [2.44.7](https://github.com/zitadel/zitadel/releases/tag/v2.44.7)
2.43.x versions are fixed on >= [2.43.11](https://github.com/zitadel/zitadel/releases/tag/v2.43.11)
2.42.x versions are fixed on >= [2.42.17](https://github.com/zitadel/zitadel/releases/tag/v2.42.17)

### Workarounds
No workaround available since a patch is available

### Credits
Many thanks to @schettn whose disclosure of another topic lead us to find this issue.


Skip to content

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2024-29892

**ZITADEL's actions can overload reserved claims**

Moderate severity GitHub Reviewed Published Mar 27, 2024 in zitadel/zitadel • Updated Mar 28, 2024

**Package**

gomod github.com/zitadel/zitadel (Go)

**Affected versions**

< 2.42.17

\>= 2.43.0, < 2.43.11

\>= 2.44.0, < 2.44.7

\>= 2.45.0, < 2.45.5

\>= 2.46.0, < 2.46.5

\>= 2.47.0, < 2.47.8

\>= 2.48.0, < 2.48.3

**Patched versions**

2.42.17

2.43.11

2.44.7

2.45.5

2.46.5

2.47.8

2.48.3

**Description**

Published to the GitHub Advisory Database

Mar 28, 2024

Last updated

Mar 28, 2024

GHSA-gp8g-f42f-95q2: ZITADEL's actions can overload reserved claims

By Waqas
Are you a Python developer? Here's what you need to know!
This is a post from HackRead.com Read the original post: PyPI Suspends New Projects and Users Due to Malicious Packages

PyPI hit by malware attack! Malicious packages targeting crypto wallets & browser data. Platform suspends new users & projects. Learn how to stay safe and what you should do.

_This article has been updated with new information._

In a move to combat a large-scale malware campaign, the Python Package Index (PyPI), the official repository for third-party Python software, has suspended new user registration and project creation. This critical action comes after security researchers at Checkmarx identified a series of malicious packages targeting unsuspecting developers.

According to PyPI’s official update released on March 28th, 2024, at 2:16 UTC, the platform is taking proactive measures to “mitigate an ongoing malware upload campaign.” This suspension aims to disrupt the attackers’ efforts and protect the vast Python developer community.

****Checkmarx Discovers Deceptive Software****

The security team at Checkmarx identified a coordinated effort by threat actors to upload malicious packages onto PyPI. These packages are designed to exploit a common vulnerability known as typosquatting. Typosquatting tricks users into installing malware by using names and website addresses that closely resemble those of legitimate software.

Once installed, these malicious packages unleash a multi-stage attack. The initial payload targets a user’s cryptocurrency wallets, aiming to steal valuable digital assets. The attackers further expand their reach by scraping sensitive data from browsers, including cookies and extension information. Additionally, the malware attempts to steal various login credentials, potentially compromising a user’s entire digital ecosystem.

According to Checkmarx’s research shared with Hackread.com ahead of publication on Thursday, the most concerning aspect of this attack is the malware’s persistence mechanism. This mechanism allows the malware to survive system reboots, ensuring its continued operation even after a restart. This persistence significantly increases the difficulty of detection and eradication.

****PyPI Fights Back****

PyPI’s quick suspension of new user registration and project creation shows the platform’s commitment to user safety. This action also potentially disrupts the attackers’ ability to upload new malicious packages and provides PyPI with time to implement more robust security measures.

****What Developers Should Do****

While PyPI works to address the situation, developers are advised to exercise extreme caution when installing Python packages. Here are some essential security practices:

*   **Double-check package names and sources:** Meticulously verify the spelling and origin of any package before installation. Typosquatting relies on tricking users into installing the wrong software.
*   **Verify publisher reputation:** Research the publisher behind a package before trusting it. Look for established developers with a history of creating reliable software.
*   **Read reviews and ratings:** User reviews and ratings can offer valuable insights into a package’s legitimacy and functionality.
*   **Stay informed:** Keep yourself updated on the latest security threats targeting PyPI and the Python community.

****The Future of PyPI Security****

The PyPI security team is working to identify and remove all malicious packages from the platform. Additionally, they will be implementing tougher measures to prevent similar attacks in the future. Developers can expect further announcements from PyPI regarding the timeline for resuming new user registration and project creation.

This incident goes on to show how sophisticated cyberattacks have become especially when targeting the software development community. By working together, developers, security researchers, and platform operators like PyPI can create a safer and more secure environment for everyone.

****UPDATE Mar 28, 2024 – 12:56 UTC****

As of March 28, 2024, 12:56 UTC, PyPI’s official website states, “This incident has been resolved,” indicating that the registration of new projects and users is now enabled again.

1.  Why is learning Python important in Data Science?
2.  OpenSSF Launches Malicious Packages Repository
3.  6 official Python repositories plagued with cryptomining malware
4.  Crypto Stealing PyPI Malware Hits Both Windows and Linux Users
5.  GitHub Abused to Spread Malicious Packages on PyPI in Image Files

PyPI Suspends New Projects and Users Due to Malicious Packages

Ubuntu Security Notice 6715-1 - It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash.

==========================================================================  
Ubuntu Security Notice USN-6715-1  
March 27, 2024

unixodbc vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS  
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

unixODBC could be made to crash or execute arbitrary code.

Software Description:  
- unixodbc: Basic ODBC tools

Details:

It was discovered that unixODBC incorrectly handled certain bytes.  
An attacker could use this issue to execute arbitrary code or cause  
a crash.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 23.10:  
  libodbc2                        2.3.12-1ubuntu0.23.10.1  
  unixodbc                        2.3.12-1ubuntu0.23.10.1

Ubuntu 22.04 LTS:  
  libodbc1                        2.3.9-5ubuntu0.1  
  libodbc2                        2.3.9-5ubuntu0.1  
  unixodbc                        2.3.9-5ubuntu0.1

Ubuntu 20.04 LTS:  
  libodbc1                        2.3.6-0.1ubuntu0.1  
  unixodbc                        2.3.6-0.1ubuntu0.1

Ubuntu 18.04 LTS (Available with Ubuntu Pro):  
  libodbc1                        2.3.4-1.1ubuntu3+esm1  
  unixodbc                        2.3.4-1.1ubuntu3+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
  libodbc1                        2.3.1-4.1ubuntu0.1~esm2  
  unixodbc                        2.3.1-4.1ubuntu0.1~esm2

In general, a standard system update will make all the necessary changes.

References:  
  https://ubuntu.com/security/notices/USN-6715-1  
  CVE-2024-1013

Package Information:  
  https://launchpad.net/ubuntu/+source/unixodbc/2.3.12-1ubuntu0.23.10.1  
  https://launchpad.net/ubuntu/+source/unixodbc/2.3.9-5ubuntu0.1  
  https://launchpad.net/ubuntu/+source/unixodbc/2.3.6-0.1ubuntu0.1

Ubuntu Security Notice USN-6715-1

Ubuntu Security Notice 6719-1 - Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information.

==========================================================================  
Ubuntu Security Notice USN-6719-1  
March 27, 2024

util-linux vulnerability  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10  
- Ubuntu 22.04 LTS  
- Ubuntu 20.04 LTS

Summary:

util-linux could be made to expose sensitive information.

Software Description:  
- util-linux: miscellaneous system utilities

Details:

Skyler Ferrante discovered that the util-linux wall command did not filter  
escape sequences from command line arguments. A local attacker could  
possibly use this issue to obtain sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 23.10:  
   util-linux                      2.39.1-4ubuntu2.1

Ubuntu 22.04 LTS:  
   util-linux                      2.37.2-4ubuntu3.3

Ubuntu 20.04 LTS:  
   util-linux                      2.34-0.1ubuntu9.5

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6719-1  
   CVE-2024-28085

Package Information:  
   https://launchpad.net/ubuntu/+source/util-linux/2.39.1-4ubuntu2.1  
   https://launchpad.net/ubuntu/+source/util-linux/2.37.2-4ubuntu3.3  
   https://launchpad.net/ubuntu/+source/util-linux/2.34-0.1ubuntu9.5

Ubuntu Security Notice USN-6719-1

Event Management version 1.0 suffers from a remote SQL injection vulnerability.

    # Exploit Title: Event Management - SQL Injection# Application: Event Management# Date: 19.02.2024# Bugs: SQL Injection # Exploit Author: SoSPiro# Vendor Homepage: https://github.com/PuneethReddyHC# Software Link: https://github.com/PuneethReddyHC/event-management# Version:1.0# Attack Type: Remote# Tested on: Windows 10 64 bit Wampserver # About project:helps to register an users for on events conducted in college fests with simple logic with secured way## Vulnerability Details:- **Application Name**: Event Management- **Software Link**: [Download Link](https://github.com/PuneethReddyHC/event-management)- **Vendor Homepage**: [Vendor Homepage](https://github.com/PuneethReddyHC)# Vulnerable code section:# https://github.com/PuneethReddyHC/event-management/blob/master/backend/register.php#L64<?php// ... (other code)if(empty($full_name)  || empty($email)  || empty($mobile)) {    // Error messages and actions for incomplete data} else {    if(!preg_match($name,$full_name)){        // Error messages and actions for invalid full name    }    // Additional regex checks for email and mobile format    // Verifying mobile number length    if(!(strlen($mobile) == 10)){        // Error message and action for invalid mobile number length    }    // Database insertion operation    $sql = "INSERT INTO `participants`             (`p_id`,`event_id`, `fullname`, `email`,              `mobile`,  `college`, `branch`)             VALUES (NULL,'$event_id', '$full_name',  '$email',              '$mobile', '$college', '$branch')";                if(mysqli_query($con,$sql)){        // Successful registration message        echo "register_success";        echo "<script> location.href='index.php'; </script>";        exit;    }}// ... (other code)?># Vulnerability Description:The code in register.php is vulnerable to SQL injection, allowing an attacker to manipulate the SQL query and potentially perform unauthorized actions on the database. Additionally, the code lacks proper input validation and sanitization, making it susceptible to various forms of attacks such as cross-site scripting (XSS) and potential security risks.# Proof of Concept (PoC):SQL Injection:The vulnerability can be exploited by an attacker by manipulating the input parameters. For example, the event_id parameter is directly used in the SQL query without proper validation or parameterization:An attacker can manipulate the event_id parameter in the HTTP request to inject malicious SQL code.PoC:POST /event-management-master/backend/register.php HTTP/1.1Host: localhostevent_id=1'; DROP TABLE participants; --This could result in a SQL query like:INSERT INTO `participants` (`p_id`,`event_id`, `fullname`, `email`, `mobile`,  `college`, `branch`) VALUES (NULL,'1'; DROP TABLE participants; --', 'test', 'test@gmail.com', '0555555555', 'asd', 'qwe')To mitigate this, use prepared statements or parameterized queries to ensure proper sanitization of user inputs.

Event Management 1.0 SQL Injection

The 13th International Workshop on Cyber Crime, or IWCC, 2024 call for papers has been announced. It will take place July 30th through August 2nd, 2024 in Vienna, Austria.

    [APOLOGIES FOR CROSS-POSTING]CALL FOR PAPERS13th International Workshop on Cyber Crime (IWCC 2024 -https://www.ares-conference.eu/iwcc/)to be held in conjunction with the 19th International Conference onAvailability, Reliability and Security (ARES 2024 -http://www.ares-conference.eu) July 30 - August 02, 2024, Vienna, AustriaIMPORTANT DATESSubmission Deadline  May 12, 2024Author Notification  May 29, 2024Proceedings Version  June 18, 2024Conference    July 30 - August 02, 2024WORKSHOP DESCRIPTIONThe societies of today's world are becoming increasingly dependent on onlineservices, where commercial activities, business transactions, governmentservices and biomedical diagnostics are realized. This tendency has beenevident during the recent COVID-19 pandemic. These developments, along withthe growing number of military conflicts worldwide (Ukraine, Israel, etc.),have led to the fast development of new cyber threats and numerousinformation security issues that are exploited by cybercriminals. Theinability to provide trusted, secure services in contemporary computernetwork technologies has a tremendous socio-economic impact on globalenterprises as well as individuals.Moreover, the frequently occurring international frauds impose the necessityto conduct investigations spanning multiple domains and countries. Suchexamination is often subject to different jurisdictions and legal systems. Agood illustration of the above is the Internet, which has made it easier toprepare and perpetrate traditional - but now cyber-enabled - crimes. It hasacted as an alternate avenue for criminals to conduct their activities andlaunch attacks with relative anonymity, a high degree of deniability, andthe opportunity to operate in a border-agnostic environment. Worryingdevelopments in the abuse of artificial intelligence and machine learningtechnologies lead to the increased capabilities of malign actors wholeverage these tools to design and propagate disinformation, which isespecially dangerous (and effective) during emergencies and crises of allkinds. The developments in Generative Artificial Intelligence have alsoenabled the increase of criminal capabilities in the production,dissemination, and weaponization of high-quality, convincing fake contact(text, audio, images, and videos), which translates not only to the truthand trust decay among the affected societies but also to the enhancedcapabilities in orchestrating the sophisticated cyber crimes. Furthermore, nowadays, the majority of life-science-based techniques andresulting data hinge on information technologies. Despite their considerableadvantages, dependence on cyber technologies also exposes vulnerabilities.Various threats in the digital realm could target biomedical systems,leading to adverse consequences. The field of CyberBioSecurity wasestablished to assist bio-related sciences in comprehending potential cyberthreats and formulating defense approaches, recovery protocols, andresilience strategies. The increased complexity of communications and thenetworking infrastructure is making the investigation of these new types ofcrimes difficult. Traces of illegal digital activities are difficult toanalyze due to large volumes of data. Nowadays, the digital crime scenefunctions like any other network, with dedicated administrators functioningas the first responders. This poses new challenges for law enforcement and intelligence communitiesand forces computer societies to utilize digital forensics to combat theincreasing number of cybercrimes. Forensic professionals must be fullyprepared to be able to provide court-admissible evidence. To make thesegoals achievable, forensic techniques should keep pace with newtechnologies. Prevention, mitigation, and interdiction of new and emergingthreats necessitates an increasingly thorough and multidisciplinaryapproaches, but also requires the collaboration of all relevant actors andstakeholders in designing the technology regulation and cyber governancemeasures.The aim of this workshop is to bring together the research outcomes providedby researchers from academia and the industry. The other goal is to show thelatest research results in digital forensics and cyberbiosecurity amongstothers. We strongly encourage prospective authors to submit articlespresenting both theoretical approaches and practical case reviews, includingwork-in-progress reports.TOPICS OF INTEREST INCLUDE, BUT ARE NOT LIMITED TO:- Big Data analytics helping to track cybercrimes- Protecting Big Data against cybercrimes- Crime-as-a-service- Criminal abuse of clouds and social networks- Criminal to criminal (C2C) communications- Criminal to victim (C2V) communications- Criminal use of IoT, e.g., IoT-based botnets- Cyberbiosecurity- Cybercrime-related investigations- Cybercrimes: evolution, new trends and detection- Darknets and hidden services- Fake (incl. deepfake) and disinformation detection- Generative Artificial Intelligence and cyber crime- AI-enabled crime and terrorism- Mobile malware- Network anomaly detection- Network traffic analysis, traceback and attribution- Incident response, investigation and evidence handling- Internet governance- Novel techniques in exploit kits- Political and business issues related to digital forensics andanti-forensic - techniques- Anti-forensic techniques and methods- Identification, authentication and collection of digital evidence- Integrity of digital evidence and live investigations- Privacy issues in digital forensics- Ransomware: evolution, functioning, types, etc.- Steganography/steganalysis and covert/subliminal channels- Technology regulation- Novel applications of information hiding in networks- Watermarking and intellectual property theft- Weaponization of information - cyber-enhanced disinformation campaignsWORKSHOP CHAIRSArtur Janicki, Warsaw University of Technology, Poland; Kacper Gradoñ, Warsaw University of Technology, Poland;Katarzyna Kamiñska, Warsaw University of Technology, PolandSUBMISSION GUIDELINESThe submission guidelines valid for the workshop are the same as for theARES conference. They can be found athttps://www.ares-conference.eu/authors-area.

IWCC 2024 Call For Papers

The server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection.

Circontrol EV Charger vulnerabilities.

1. CVE-2020-8006 Pre-Auth Stack Based Buffer Overflow  
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10)

The server in Circontrol Raption through 5.11.2 has a pre-authentication  
stack-based buffer overflow that can be exploited to gain run-time control  
of the device as root.

When the server parses the HTTP headers and finds the Basic-Authentication  
tag it will call a base64 decode function. This function takes 3 arguments:  
an input pointer, an output pointer and a length. During the authentication  
flow, the input pointer can be an attacker controlled string of  
approximately 4096 characters, and the output pointer is located on the  
stack, the length argument is 512. While the length of the stack based  
buffer is passed to the decoder it only verifies that it is not smaller than  
3.

[Vendor of Product]

https://circontrol.com/

[Affected Product Code Base]

Raption Server - Raption up to 5.11.2

[Affected Component]

OCCP 1.5, OCCP.1.6, PWRSTUDIO

[Attack Type]

Remote

[Impact Code execution]

true

[Impact Denial of Service]

true

[Attack Vectors]

Remote

[Has vendor confirmed or acknowledged the vulnerability?]

true

[Discoverer]

Abert Spruyt, Alex Salvetti, Dariusz Gońda

[Reference]

https://circontrol.com/intelligent-charging-solutions/dc-chargers-series/raption-150/

2. CVE-2020-8007 - Command injection (RCE/authenticated)  
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L (9.1)

The pwrstudio web application of EV Charger (in the server in Circontrol  
Raption through 5.6.2) is  
vulnerable to OS command injection via three fields of the configuration  
menu for ntpserver0, ntpserver1, and pingip.

[VulnerabilityType Other]

Command Injection

[Vendor of Product]

https://circontrol.com/

[Affected Product Code Base]

Raption Server - up to 5.6.2

[Affected Component]

pwrstudio

[Attack Type]

Remote

[Impact Code execution]

true

[Attack Vectors]

To exploit this issue authorization is required.

[Has vendor confirmed or acknowledged the vulnerability?]

true

[Discoverer]

Abert Spruyt, Alex Salvetti, Dariusz Gońda

[Reference]

https://circontrol.com/intelligent-charging-solutions/dc-chargers-series/raption-150/

Circontrol Raption Buffer Overflow / Command Injection

FusionPBX suffers from a session fixation vulnerability.

*Vulnerability Name - *Application is Vulnerable to Session Fixation

*Vulnerable URL: *www.fusionpbx.com

*Overview of the Vulnerability*  
Session fixation is a security vulnerability that occurs when an attacker  
sets or fixes a user's session identifier, manipulating the authentication  
process. Typically exploited in web applications, this vulnerability allows  
the attacker to force a user's session ID to a known value, granting  
unauthorized access. Attackers can initiate the attack by tricking users  
into using a provided session ID or by planting a session ID through  
various means.

*Steps to Reproduce*  
Step 1: To reproduce this vulnerability open two browsers. Copy "PHPSESSID"  
cookie from Browser 1 and paste it to Browser 2.  
Step 2: Login in Browser 1 using valid credentials.  
Step 3: Navigate to Browser 2 and refresh the page or open this URL (  
https://www.fusionpbx.com/app/account/home.php)  
Step 4: Successfully logged in Browser 2 without entering the credentials.

*Impact of Vulnerability:*  
Anyone can easily hijack victims or user's sessions and get into his account  
. Cookie stealing is the best way the hacker can get into account.. it  
would not take more than 5 min to steal someone's cookie using PHP and all  
.....  
Even friends can fool the victim and get him hacked...

*Mitigation:*Manage sessions properly. This problem is mainly faced because  
the session doesn't get expired or doesn't get closed when logout is  
pressed. Each time the user logins the cookie must hold a unique different  
session-id to proceed.

------------------------------------------------------------------------------------------------------

*FusionPBX Development Team Implemented Fix GitHub Commit Links:*  
https://github.com/fusionpbx/fusionpbx/commit/50220d7a0674fae944a1e16fab7a8517cdc51a9e  
https://github.com/fusionpbx/fusionpbx/commit/560a51cff710df12c863de53c4c8289e1516dae8

FusionPBX Session Fixation

Apple Security Advisory 03-25-2024-1 - Safari 17.4.1 addresses code execution and out of bounds write vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-03-25-2024-1 Safari 17.4.1

Safari 17.4.1 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/kb/HT214094.

Apple maintains a Security Updates page at  
https://support.apple.com/HT201222 which lists recent  
software updates with security advisories.

WebRTC  
Available for: macOS Monterey and macOS Ventura  
Impact: Processing an image may lead to arbitrary code execution  
Description: An out-of-bounds write issue was addressed with improved  
input validation.  
CVE-2024-1580: Nick Galloway of Google Project Zero

Safari 17.4.1 may be obtained from the Mac App Store.  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmYCPKcACgkQX+5d1TXa  
IvpFfBAAvnUeX8jpQu9uS+hiv0FKFu/YUSafIVOutV2ls8jQbdd3HVKwIRNmTZ4g  
0u7drE/D9mTBMzfmvdyNKk4lrnsvgJYNgurGPudpqDr7LmzkDdn0DOWL5xxSs7Jx  
ekUxjtHiPtEPMs41gs9ZZMHiMhU/r6G9LaTa2WrRcrBeqkLnepmee9RfrSbXDV5q  
NMGio6W95JWgRLM0+c06Jk/A6VhnrxwqFug9NMDXr/EgxxMjG5mxZKY7qXXUcWe+  
D2CI/1SRI0ucAkIKN5IDFY5X4Y/XWvp8YeVqdtQQ6RmfJDEE9zPRFSlr/PKRFnba  
LfEPFzWCDMZ6qqP9eSph7+8wFLngWwksf0O9xBq6KF+LUqIVb9RkJ1VZnYZluTt4  
tT161H0aTHOq9LhcFbAA5kQbdpfX7aulYq1xkaGz1a2KJxYFmr1p26Q7HMWHw5Zz  
BlnRH4xsQkoKaU96WSylDUdO5DYiQ27cRQddvqP40xIOTaK/SBTUlEYDCviU+8Xs  
1KhLmuSgfnra+akn0vCmy5tu/+DzlmUT4kvJsvcOApDyKtoeSzPUYucw65RrcEo3  
Aa/3eT3R8o9S8mdq6c3OIEF16/2IyxT9fJJE0YeQTli8zmkTu0Pw0RG2DzQhnfI6  
lDKmfx3c1PyCOU3By0XIfqsI9t3oWXcvbAgSgnDC6lmnZ7X2KpY=  
=JCdc  
-----END PGP SIGNATURE-----

Apple Security Advisory 03-25-2024-1

Red Hat Security Advisory 2024-1557-03 - An update is now available for Red Hat OpenShift Builds 1.0. Issues addressed include denial of service and traversal vulnerabilities.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1557.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Critical: Errata Advisory for Red Hat OpenShift Builds 1.0.1Advisory ID:        RHSA-2024:1557-03Product:            Builds for Red Hat OpenShiftAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:1557Issue date:         2024-03-28Revision:           03CVE Names:          CVE-2023-48795====================================================================Summary: An update is now available for Red Hat OpenShift Builds 1.0.Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Red Hat OpenShift Builds 1.0.Security Fix(es):* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clientsFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2023-48795References:https://access.redhat.com/security/updates/classification/#criticalhttps://bugzilla.redhat.com/show_bug.cgi?id=2254210https://bugzilla.redhat.com/show_bug.cgi?id=2258143https://bugzilla.redhat.com/show_bug.cgi?id=2258165

Tag

#vulnerability