The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL…
Google Workspace Updates Weekly Recap – May 13, 2022
New updates Unless otherwise indicated, the features below are fully launched or in the process of rolling out (rollouts should take no more than 15 business days to complete), launching to both Rapid and Scheduled Release at the same time (if not…
Metaの次世代ヘッドセット、実機が初公開。マーク・ザッカーバーグ氏が自ら実演
Metaのマーク・ザッカーバーグCEOは、新型のハイエンドMR(複合現実)ヘッドセット「Projec…
[npm] Incorrect Permission Assignment for Critical Resource in NPM
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as “next: 5.7.0” and therefore automatically installed by an “npm upgrade -g npm” command, and also announced in the vendor’s blog without mention of pre-release status). It might a…
[mysql:mysql-connector-java] Improper Privilege Management in MySQL Connectors Java
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pro…
[org.jenkins-ci.main:jenkins-core] Missing Release of Resource after Effective Lifetime in Jenkins
A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java that allows attackers to create ephemeral in-memory user records by attempting to log in…
[passenger] Phusion Passenger incorrect permission assignment
An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are …
[com.amazonaws:codedeploy] AWS CodeDeploy Plugin stored AWS Secret Key in plain text
Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disclosure. This attack appears to be exploitable via loc…
[org.springframework.webflow:spring-webflow] Insecure Default Initialization of Resource in Pivotal Spring Web Flow
An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default (i.e., set to ‘false’) can be vulnerable to malicious EL exp…
[pyanyapi] Unsafe pyyaml load usage in PyAnyAPI
An exploitable vulnerability exists in the YAML parsing functionality in the YAMLParser method in Interfaces.py in PyAnyAPI before 0.6.1. A YAML parser can execute arbitrary Python commands resulting in command execution because load is used where safe…