Description: Impact
With careful use of the --mount flag in RUN instructions in Containerfiles, and by using either multi-stage builds whose stages execute concurrently (e.g., with the --jobs CLI flag) or multiple separate but concurrently executing builds, a malicious Containerfile can expose content from the build host to the command run by the RUN instruction. This can be used to read or write content with the privileges of the process performing the build. When that process is a root-owned podman system service provided for use by unprivileged users, this includes the ability to read and write content the client should not be allowed to access, including placing setuid executables in locations where unprivileged users can later reach them.
Patches
Patches have been merged to the main branch and will be included in upcoming releases on the release-1.38, release-1.37, release-1.35, and release-1.33 branches.
This addressed a number of Jira cards, primarily https://issues.redhat.com/browse/RHEL-67616 and https://issues.redhat.com/browse/RHEL-67618; the fixes were then vendored into Podman and backported into older branches.
Workarounds
On systems where mandatory access controls (such as SELinux) are enabled, they should limit the access of the process performing the build.
References
https://github.com/containers/buildah/security/advisories/GHSA-5vpc-35f4-r8w6
https://issues.redhat.com/browse/RHEL-67616
https://issues.redhat.com/br...
January 21st, 2025 (5 months ago)
Description: Summary
Normal text is rendered as LaTeX expressions, which prevents XSS, but the library also provides commands that can emit HTML, such as the \htmlData command, and the lack of escaping in those commands leads to XSS.
Details
Outside the test folder, the code contains no functions that escape HTML.
PoC
Go to https://cortexjs.io/mathlive/demo/
Paste either \htmlData{><img/onerror=alert(1)"src=}{} or \htmlData{x=" ><img/onerror=alert(1) src>}{} in the LaTeX textarea.
Impact
MathLive users who render untrusted mathematical expressions could encounter malicious input using \htmlData that runs arbitrary JavaScript or generates invalid HTML.
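To make the failure concrete, the following is an added example and not MathLive's code: a minimal model of an \htmlData-style command that turns "key=value" pairs into data-* attributes on a span. `renderHtmlDataUnsafe` interpolates the pairs verbatim, which is the behaviour the advisory describes; `renderHtmlDataSafe` adds the attribute-name validation and value escaping the advisory reports as missing. The two PoC strings are the ones from the advisory; the function names, the brace-group parser and the `injectsTag` check are assumptions made for this example (a real TeX parser would track brace depth, and the body would be rendered as math rather than text).

```javascript
// Added example (not MathLive's code): model of an \htmlData renderer,
// unescaped as in the advisory, then hardened.

// The two proof-of-concept inputs from the advisory.
const POC = [
  String.raw`\htmlData{><img/onerror=alert(1)"src=}{}`,
  String.raw`\htmlData{x=" ><img/onerror=alert(1) src>}{}`,
];

// Split "\htmlData{args}{body}" into its two brace groups. Nested braces are
// not handled; the PoCs do not need them (assumption for this example).
function parseHtmlDataCommand(latex) {
  const m = /^\\htmlData\{([^{}]*)\}\{([^{}]*)\}$/.exec(latex);
  if (!m) throw new Error('not a \\htmlData command');
  return { args: m[1], body: m[2] };
}

// "a=1,b=2" -> [["a","1"],["b","2"]]; a pair without "=" gets an empty value.
function parseDataPairs(args) {
  return args.split(',').map((pair) => {
    const i = pair.indexOf('=');
    return i < 0 ? [pair.trim(), ''] : [pair.slice(0, i).trim(), pair.slice(i + 1)];
  });
}

// Vulnerable: key and value go into the attribute verbatim, so a quote or
// '>' in either one closes the attribute or the tag.
function renderHtmlDataUnsafe(latex) {
  const { args, body } = parseHtmlDataCommand(latex);
  const attrs = parseDataPairs(args).map(([k, v]) => `data-${k}="${v}"`).join(' ');
  return `<span ${attrs}>${body}</span>`;
}

const escapeHtml = (s) =>
  s.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;');
const DATA_KEY_RE = /^[A-Za-z][A-Za-z0-9_-]*$/;

// Hardened: only well-formed attribute names are accepted and every value is
// escaped, so the input can never leave the quoted attribute value.
function renderHtmlDataSafe(latex) {
  const { args, body } = parseHtmlDataCommand(latex);
  const attrs = parseDataPairs(args)
    .filter(([k]) => DATA_KEY_RE.test(k))
    .map(([k, v]) => ` data-${k}="${escapeHtml(v)}"`)
    .join('');
  return `<span${attrs}>${escapeHtml(body)}</span>`;
}

// True when the markup contains any tag other than the wrapping <span>.
const injectsTag = (html) => /<(?!\/?span\b)/i.test(html);

for (const poc of POC) {
  console.log('unsafe:', renderHtmlDataUnsafe(poc), '-> injects tag:', injectsTag(renderHtmlDataUnsafe(poc)));
  console.log('safe:  ', renderHtmlDataSafe(poc), '-> injects tag:', injectsTag(renderHtmlDataSafe(poc)));
}
```

The first PoC never needs to close a quote: the attribute *name* is attacker-controlled, so `data-><img ...` ends the span's start tag on its own. That is why validating the key is as important as escaping the value.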
References
https://github.com/arnog/mathlive/security/advisories/GHSA-qwj6-q94f-8425
https://github.com/arnog/mathlive/commit/abc26056fd5e29a99edfa96a0bbe855ea2a8b678
https://github.com/advisories/GHSA-qwj6-q94f-8425
January 21st, 2025 (5 months ago)
Description: Sophos noted more than 15 attacks have been reported during the past three months.
January 21st, 2025 (5 months ago)
Description: A Threat Actor is Allegedly Selling 15,000+ Fullz from the USA
January 21st, 2025 (5 months ago)
Description: Impact
Authenticated users are able to exploit an XSS vulnerability when viewing previewed content.
Patches
Will be patched in 10.8.8, 13.5.3, 14.3.2 and 15.1.2.
Workarounds
None available.
References
https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-69cg-w8vm-h229
https://github.com/advisories/GHSA-69cg-w8vm-h229
January 21st, 2025 (5 months ago)
Description: The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community.
January 21st, 2025 (5 months ago)
Description: Impact
The compose-go library component, in versions v2.10-v2.4.0, allows an authorized user who submits malicious YAML payloads to make compose-go consume excessive amounts of memory and CPU cycles while parsing the YAML. Docker Compose versions v2.27.0 through v2.29.7 inclusive use the affected versions.
Patches
compose-go v2.24.1 fixed the issue
Workarounds
There isn't any known workaround.
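Since no workaround is given, here is the kind of pre-parse guard a practitioner can put in front of any YAML loader that accepts untrusted input. This is an added example and not compose-go's or Docker Compose's code, and it is not the advisory's fix: it caps document size and alias count, and estimates from the raw text how many nodes anchor/alias expansion would materialize, without expanding anything. The advisory does not say which YAML construction triggers the compose-go issue; the anchor/alias amplification payload built below and the benign compose file are constructed for illustration, and the limits, function names and the line-indentation block heuristic are assumptions made here.

```javascript
// Added example (not compose-go's code): a resource budget applied to YAML
// text before it is handed to a real parser.

const MAX_BYTES = 1 << 20;     // 1 MiB is generous for a compose file (assumed limit)
const MAX_ALIASES = 100;       // raw count of *name references (assumed limit)
const MAX_EXPANSION = 10000;   // nodes the aliases may materialize in total (assumed limit)

const ANCHOR_RE = /&([A-Za-z0-9_-]+)/g;
const ALIAS_RE = /\*([A-Za-z0-9_-]+)/g;

// Drop a YAML comment ('#' at line start or after whitespace) so "&x"/"*x" in
// comments is ignored. Quoted scalars are not parsed, so a "*name" inside a
// string is counted conservatively as an alias.
const stripComment = (line) => line.replace(/(^|\s)#.*$/, '');
const indentOf = (line) => line.length - line.trimStart().length;

// cost(line) = 1 + cost of every alias on it; an alias costs the summed cost
// of its anchor's block (the anchor line plus the lines indented deeper than
// it). Anchors precede their aliases in YAML, so one forward pass suffices.
function estimateExpansion(text) {
  const lines = text.split('\n');
  const indents = lines.map(indentOf);
  const anchors = new Map();          // name -> [start, end) line range
  const cost = [];
  let aliases = 0;
  for (let i = 0; i < lines.length; i++) {
    const body = stripComment(lines[i]);
    for (const m of body.matchAll(ANCHOR_RE)) {
      let end = i + 1;
      while (end < lines.length && (indents[end] > indents[i] || lines[end].trim() === '')) end++;
      anchors.set(m[1], [i, end]);
    }
    let c = 1;
    for (const m of body.matchAll(ALIAS_RE)) {
      aliases++;
      const range = anchors.get(m[1]);
      if (range && range[1] <= i) {
        for (let j = range[0]; j < range[1]; j++) c += cost[j];
      } else {
        c += 1;   // unknown or still-open anchor: real loaders reject it anyway
      }
    }
    cost.push(c);
  }
  return { aliases, expansion: cost.reduce((a, b) => a + b, 0) };
}

// Returns null when the document is within budget, otherwise the reason to
// reject it before the real YAML parser ever sees the text.
function checkYamlBudget(text, limits = {}) {
  const { maxBytes = MAX_BYTES, maxAliases = MAX_ALIASES, maxExpansion = MAX_EXPANSION } = limits;
  const bytes = new TextEncoder().encode(text).length;
  if (bytes > maxBytes) return `document too large (${bytes} bytes)`;
  const { aliases, expansion } = estimateExpansion(text);
  if (aliases > maxAliases) return `too many aliases (${aliases})`;
  if (expansion > maxExpansion) return `alias expansion too large (~${expansion} nodes)`;
  return null;
}

// Constructed payload: each level references the previous one `width` times,
// so a few hundred bytes expand to roughly width^depth nodes when loaded.
function buildBillionLaughs(depth = 8, width = 9) {
  const lines = ['a0: &a0 [x]'];
  for (let i = 1; i <= depth; i++) {
    lines.push(`a${i}: &a${i} [${Array(width).fill(`*a${i - 1}`).join(', ')}]`);
  }
  lines.push(`services: *a${depth}`);
  return lines.join('\n') + '\n';
}

// Constructed benign compose file: two ordinary merge-key aliases.
const BENIGN_COMPOSE = [
  'x-common: &common',
  '  restart: always',
  '  logging: {driver: json-file}',
  'services:',
  '  web:',
  '    <<: *common',
  '    image: nginx',
  '  db:',
  '    <<: *common',
  '    image: postgres',
].join('\n') + '\n';

console.log(checkYamlBudget(BENIGN_COMPOSE));        // null
console.log(checkYamlBudget(buildBillionLaughs()));  // alias expansion too large ...
```

The payload stays well under the alias cap (73 references), which is the point of the expansion estimate: a count alone does not catch geometric amplification. The estimate is an upper bound on block size, not a parse, so it errs toward rejecting; tune the limits to the largest legitimate file you expect.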
References
https://github.com/compose-spec/compose-go/security/advisories/GHSA-36gq-35j3-p9r9
https://github.com/docker/compose/issues/12235
https://github.com/compose-spec/compose-go/pull/618
https://github.com/compose-spec/compose-go/pull/703
https://github.com/docker/compose/commit/d239f0f3187a2ed5404c61f83bd5e995c81600ff#diff-33ef32bf6c23acb95f5902d7097b7a1d5128ca061167ec0716715b0b9eeaa5f6R10
https://github.com/advisories/GHSA-36gq-35j3-p9r9
January 21st, 2025 (5 months ago)
Description: The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. [...]
January 21st, 2025 (5 months ago)
Description: The company reports that it is not experiencing any operational issues within its business, so far.
January 21st, 2025 (5 months ago)
Description: Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. [...]
January 21st, 2025 (5 months ago)