What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CVE.webp 2022-12-22 20:15:12 CVE-2022-1097 (lien direct) NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. Vulnerability Guideline
CVE.webp 2022-12-22 20:15:12 CVE-2021-4221 (lien direct) If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.* *Note*: Due to a clerical error this advisory was not included in the original announcement, and was added in February 2022. This vulnerability affects Firefox < 92. Vulnerability Guideline
PaloAlto.webp 2022-12-22 19:53:25 We're Honored to Be Recognized Again! A Leader 11 Straight Times (lien direct) Gartner named Palo Alto Networks a Leader for the eleventh consecutive time in its Gartner® Magic Quadrant™ for Network Firewalls for 2022. Guideline ★★
CS.webp 2022-12-22 19:45:47 Insiders worry CISA is too distracted from critical cyber mission (lien direct) The agency appears to be struggling with internal divisions, morale problems and growing concerns about leadership priorities. Guideline
CVE.webp 2022-12-22 19:15:08 CVE-2022-23540 (lien direct) In versions ` Guideline
CVE.webp 2022-12-22 18:15:09 CVE-2022-23541 (lien direct) jsonwebtoken is an implementation of JSON Web Tokens. Versions ` Guideline
bleepingcomputer.webp 2022-12-22 17:25:27 Leading sports betting firm BetMGM discloses data breach (lien direct) Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed number of customers. [...] Data Breach Threat Guideline ★★★★
Fortinet.webp 2022-12-22 12:29:00 Fortinet Named A Leader in the 2022 Gartner® Magic Quadrant™ for Network Firewalls, Placed Highest in Ability to Execute (lien direct) Fortinet has once again been named a Leader in the 2022 Gartner® Magic Quadrant™ for Network Firewalls. Read more. Guideline
CVE.webp 2022-12-22 10:15:10 CVE-2022-41654 (lien direct) An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-22 10:15:10 CVE-2022-41697 (lien direct) A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-22 10:15:09 CVE-2020-36625 (lien direct) ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in destiny.gg chat. It has been rated as problematic. This issue affects the function websocket.Upgrader of the file main.go. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is bebd256fc3063111fb4503ca25e005ebf6e73780. It is recommended to apply a patch to fix this issue. The identifier VDB-216521 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Vulnerability Guideline
CVE.webp 2022-12-22 10:15:08 CVE-2020-36624 (lien direct) A vulnerability was found in ahorner text-helpers 1.1.0/1.1.1. It has been declared as critical. This vulnerability affects unknown code of the file lib/text_helpers/translation.rb. The manipulation of the argument link leads to use of web link to untrusted target with window.opener access. The attack can be initiated remotely. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is 184b60ded0e43c985788582aca2d1e746f9405a3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216520. Vulnerability Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2022-4639 (lien direct) A vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet Dumping Handler. The manipulation of the argument msg_info leads to format string. The attack may be initiated remotely. The name of the patch is b19f8a6046b080e4c2e28354a58556bb26040c6f. It is recommended to apply a patch to fix this issue. The identifier VDB-216497 was assigned to this vulnerability. Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2021-4275 (lien direct) A vulnerability, which was classified as problematic, was found in katlings pyambic-pentameter. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is 974f21aa1b2527ef39c8afe1a5060548217deca8. It is recommended to apply a patch to fix this issue. VDB-216498 is the identifier assigned to this vulnerability. Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2022-4642 (lien direct) A vulnerability was found in tatoeba2. It has been classified as problematic. This affects an unknown part of the component Profile Name Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version prod_2022-10-30 is able to address this issue. The name of the patch is 91110777fc8ddf1b4a2cf4e66e67db69b9700361. It is recommended to upgrade the affected component. The identifier VDB-216501 was assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2022-4637 (lien direct) A vulnerability classified as problematic has been found in ep3-bs 1.8.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.8.1 is able to address this issue. The name of the patch is ef49e709c8adecc3a83cdc6164a67162991d2213. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216495. Vulnerability Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2022-4638 (lien direct) A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 5da36305ca7ed433782be8901c47387406fcda12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216496. Vulnerability Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2022-4640 (lien direct) A vulnerability has been found in Mingsoft MCMS 5.2.9 and classified as problematic. Affected by this vulnerability is the function save of the component Article Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216499. Vulnerability Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2022-4643 (lien direct) A vulnerability was found in docconv up to 1.3.4. It has been declared as critical. This vulnerability affects the function ConvertPDFImages of the file pdf_ocr.go. The manipulation of the argument path leads to os command injection. The attack can be initiated remotely. Upgrading to version 1.3.5 is able to address this issue. The name of the patch is b19021ade3d0b71c89d35cb00eb9e589a121faa5. It is recommended to upgrade the affected component. VDB-216502 is the identifier assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 22:15:08 CVE-2022-4641 (lien direct) A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is the function LogisticRegression of the file src/main/java/org/apache/mahout/pig/LogisticRegression.java. The manipulation leads to insecure temporary file. The attack needs to be approached locally. The name of the patch is 1e7bd9fab5401a2df18d2eabd802adcf0dcf1f15. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216500. Vulnerability Guideline
DarkReading.webp 2022-12-21 22:00:00 Supply Chain Risks Got You Down? Keep Calm and Get Strategic! (lien direct) Security leaders must maintain an effective cybersecurity strategy to help filter some of the noise on new vulnerabilities. Guideline ★★★
CVE.webp 2022-12-21 19:15:15 CVE-2022-4632 (lien direct) A vulnerability has been found in Auto Upload Images 3.3.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.3.2 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. The identifier VDB-216481 was assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:15 CVE-2022-4633 (lien direct) A vulnerability was found in Auto Upload Images 3.3.1 and classified as problematic. Affected by this issue is some unknown functionality of the file src/setting-page.php of the component Settings Handler. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 3.3.2 is able to address this issue. The name of the patch is 895770ee93887ec78429c78ffdfb865bee6f9436. It is recommended to upgrade the affected component. VDB-216482 is the identifier assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:15 CVE-2022-4631 (lien direct) A vulnerability, which was classified as problematic, was found in WP-Ban. Affected is an unknown function of the file ban-options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 22b925449c84faa9b7496abe4f8f5661cb5eb3bf. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216480. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:14 CVE-2021-4274 (lien direct) A vulnerability, which was classified as problematic, has been found in sileht bird-lg. This issue affects some unknown processing of the file templates/layout.html. The manipulation of the argument request_args leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ef6b32c527478fefe7a4436e10b96ee28ed5b308. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216479. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:14 CVE-2021-4273 (lien direct) A vulnerability classified as problematic was found in studygolang. This vulnerability affects the function Search of the file http/controller/search.go. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 97ba556d42fa89dfaa7737e9cd3a8ddaf670bb23. It is recommended to apply a patch to fix this issue. VDB-216478 is the identifier assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:13 CVE-2021-4268 (lien direct) A vulnerability, which was classified as problematic, was found in phpRedisAdmin up to 1.17.3. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 1.18.0 is able to address this issue. The name of the patch is b9039adbb264c81333328faa9575ecf8e0d2be94. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216471. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:13 CVE-2021-4270 (lien direct) A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 6140b140ccd02b5e4e7d6ba013ac1225724487f4. It is recommended to apply a patch to fix this issue. VDB-216474 is the identifier assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:13 CVE-2021-4272 (lien direct) A vulnerability classified as problematic has been found in studygolang. This affects an unknown part of the file static/js/topics.js. The manipulation of the argument contentHtml leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is 0fb30f9640bd5fa0cae58922eac6c00bb1a94391. It is recommended to apply a patch to fix this issue. The identifier VDB-216477 was assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:13 CVE-2021-4267 (lien direct) A vulnerability classified as problematic was found in tad_discuss. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DiscussTitle leads to cross site scripting. The attack can be launched remotely. The name of the patch is af94d034ff8db642d05fd8788179eab05f433958. It is recommended to apply a patch to fix this issue. The identifier VDB-216469 was assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:13 CVE-2021-4271 (lien direct) A vulnerability was found in panicsteve w2wiki. It has been rated as problematic. Affected by this issue is the function toHTML of the file index.php of the component Markdown Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is 8f1d0470b4ddb1c7699e3308e765c11ed29542b6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216476. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:13 CVE-2021-4269 (lien direct) A vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:12 CVE-2021-4266 (lien direct) A vulnerability classified as problematic has been found in Webdetails cpf up to 9.5.0.0-80. Affected is an unknown function of the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java. The manipulation of the argument baseUrl leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 9.5.0.0-81 is able to address this issue. The name of the patch is 3bff900d228e8cae3af256b447c5d15bdb03c174. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216468. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:12 CVE-2020-36622 (lien direct) A vulnerability was found in sah-comp bienlein and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The name of the patch is d7836a4f2b241e4745ede194f0f6fb47199cab6b. It is recommended to apply a patch to fix this issue. The identifier VDB-216473 was assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:12 CVE-2021-4263 (lien direct) A vulnerability, which was classified as problematic, has been found in leanote. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The name of the patch is https://github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability. Guideline
CVE.webp 2022-12-21 19:15:12 CVE-2020-36623 (lien direct) A vulnerability was found in Pengu. It has been declared as problematic. Affected by this vulnerability is the function runApp of the file src/index.js. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The name of the patch is aea66f12b8cdfc3c8c50ad6a9c89d8307e9d0a91. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216475. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:12 CVE-2021-4265 (lien direct) A vulnerability was found in siwapp-ror. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 924d16008cfcc09356c87db01848e45290cb58ca. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216467. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:12 CVE-2021-4264 (lien direct) A vulnerability was found in LinkedIn dustjs 3.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.1 is able to address this issue. The name of the patch is ddb6523832465d38c9d80189e9de60519ac307c3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216464. Vulnerability Guideline
CVE.webp 2022-12-21 19:15:11 CVE-2020-36621 (lien direct) A vulnerability, which was classified as problematic, has been found in chedabob whatismyudid. Affected by this issue is the function exports.enrollment of the file routes/mobileconfig.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is bb33d4325fba80e7ea68b79121dba025caf6f45f. It is recommended to apply a patch to fix this issue. VDB-216470 is the identifier assigned to this vulnerability. Guideline
CVE.webp 2022-12-21 19:15:11 CVE-2020-36620 (lien direct) A vulnerability was found in Brondahl EnumStringValues 4.0.1. It has been declared as problematic. This vulnerability affects the function GetStringValuesWithPreferences_Uncache of the file EnumStringValues/EnumExtensions.cs. The manipulation leads to resource consumption. Upgrading to version 4.0.2 is able to address this issue. The name of the patch is c0fc7806beb24883cc2f9543ebc50c0820297307. It is recommended to upgrade the affected component. VDB-216466 is the identifier assigned to this vulnerability. Vulnerability Guideline
CVE.webp 2022-12-21 17:15:09 CVE-2022-44756 (lien direct) Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access. Vulnerability Guideline
CVE.webp 2022-12-21 17:15:09 CVE-2022-42454 (lien direct) Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access. Vulnerability Guideline
Google.webp 2022-12-21 17:12:56 GCP-2022-002 (lien direct) Published: Updated: Description: 2022-02-25 Update: The GKE versions have been updated. For instructions and more details, see the: GKE security bulletin. 2022-02-23 Update: The GKE and Anthos clusters on VMware versions have been updated. For instructions and more details, see the: GKE security bulletin, Anthos clusters on VMware security bulletin. 2022-02-04 Update: The rollout start date for GKE patch versions was February 2. Note: Your clusters might not have these versions available immediately. Rollouts began on February 2 and take four or more business days to be completed across all Google Cloud zones. Three security vulnerabilities, CVE-2021-4154, CVE-2021-22600, and CVE-2022-0185, have been discovered in the Linux kernel, each of which can lead to either a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all node operating systems (COS and Ubuntu) on GKE, Anthos clusters on VMware, Anthos clusters on AWS (current and previous generation), and Anthos on Azure. Pods using GKE Sandbox are not vulnerable to these vulnerabilities. See the COS release notes for more details. For instructions and more details, see the: GKE security bulletin, Anthos clusters on VMware security bulletin. Severity: High. Notes: CVE-2021-4154, CVE-2021-22600, CVE-2022-0185. Guideline Uber ★★★
Google.webp 2022-12-21 17:12:56 (Déjà vu) GCP-2022-024 (lien direct) Published: 2022-11-09. Updated: 2022-12-16. Description: 2022-12-16 Update: Added patch versions for GKE and Anthos clusters on VMware. Two new vulnerabilities (CVE-2022-2585 and CVE-2022-2588) have been discovered in the Linux kernel that can lead to a full container break out to root on the node. For instructions and more details, see the: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. Notes: CVE-2022-2585, CVE-2022-2588. Guideline ★★★
Google.webp 2022-12-21 17:12:56 GCP-2022-019 (lien direct) Published: 2022-09-22. Description: A message parsing and memory management vulnerability in ProtocolBuffer's C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message. This could lead to a denial of service (DoS) on services using the libraries. What should I do? Ensure that you're using the latest versions of the following software packages: protobuf-cpp (3.18.3, 3.19.5, 3.20.2, 3.21.6), protobuf-python (3.18.3, 3.19.5, 3.20.2, 4.21.6). What vulnerabilities are addressed by this patch? The patch mitigates the following vulnerability: A specially constructed small message that causes the running service to allocate large amounts of RAM. The small size of the request means that it is easy to take advantage of the vulnerability and exhaust resources. C++ and Python systems that consume untrusted protobufs would be vulnerable to DoS attacks if they contain a MessageSet object in their RPC request. Severity: Medium. Notes: CVE-2022-1941. Vulnerability Guideline ★★★
Google.webp 2022-12-21 17:12:56 (Déjà vu) GCP-2022-018 (lien direct) Published: 2022-08-01. Updated: 2022-09-14. Description: 2022-09-14 Update: Added patch versions for Anthos clusters on VMware, Anthos clusters on AWS, and Anthos on Azure. A new vulnerability (CVE-2022-2327) has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve a full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. Notes: CVE-2022-2327. Vulnerability Guideline ★★★
Google.webp 2022-12-21 17:12:56 (Déjà vu) GCP-2022-021 (lien direct) Published: 2022-10-27. Updated: 2022-12-15. Description: 2022-12-15 Update: Updated information that version 1.21.14-gke.9400 of Google Kubernetes Engine is pending rollout and may be superseded by a higher version number. 2022-11-22 Update: Added patch versions for Anthos clusters on VMware, Anthos clusters on AWS, and Anthos on Azure. A new vulnerability, CVE-2022-3176, has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. Notes: CVE-2022-3176. Vulnerability Guideline Uber ★★★
Google.webp 2022-12-21 17:12:56 GCP-2022-014 (lien direct) Published: 2022-04-26. Updated: 2022-11-22. Description: 2022-11-22 Update: GKE Autopilot clusters and workloads running in GKE Sandbox are unaffected. 2022-05-12 Update: The Anthos clusters on AWS and Anthos on Azure versions have been updated. For instructions and more details, see the: Anthos clusters on AWS security bulletin, Anthos on bare metal security bulletin. Two security vulnerabilities, CVE-2022-1055 and CVE-2022-27666 have been discovered in the Linux kernel. Each can lead to a local attacker being able to perform a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all GKE node operating systems (Container-Optimized OS and Ubuntu). For instructions and more details, see the following security bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. Notes: CVE-2022-1055, CVE-2022-27666. Guideline Uber ★★★
Google.webp 2022-12-21 17:12:56 GCP-2022-008 (lien direct) Published: 2022-02-23. Updated: 2022-04-28. Description: 2022-04-28 Update: Added versions of Anthos clusters on VMware that fix these vulnerabilities. For details, see the Anthos clusters on VMware security bulletin.
The Envoy project recently discovered a set of vulnerabilities. All issues listed below are fixed in Envoy release 1.21.1. CVE-2022-23606: When a cluster is deleted via Cluster Discovery Service (CDS) all idle connections established to endpoints in that cluster are disconnected. A recursion was erroneously introduced in Envoy version 1.19 to the procedure of disconnecting idle connections that can lead to stack exhaustion and abnormal process termination when a cluster has a large number of idle connections. CVE-2022-21655: Envoy's internal redirect code assumes that a route entry exists. When an internal redirect is done to a route which has a direct response entry and no route entry, it results in dereferencing a null pointer and crashing. CVE-2021-43826: When Envoy is configured to use tcp_proxy which uses upstream tunneling (over HTTP), and downstream TLS termination, Envoy will crash if the downstream client disconnects during the TLS handshake while the upstream HTTP stream is still being established. The downstream disconnect can be either client or server initiated. The client can disconnect for any reason. The server may disconnect if, for example, it has no TLS ciphers or TLS protocol versions compatible with the client. It may be possible to trigger this crash in other downstream configurations as well. CVE-2021-43825: Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered data is over the limit by sending 413 or 500 responses. However when locally generated response is sent because of the internal buffer overflows while response is processed by the filter chain the operation may not be aborted correctly and result in accessing a freed memory block. CVE-2021-43824: Envoy crashes when using the JWT filter with a "safe_regex" match rule and a specially crafted request like "CONNECT host:port HTTP/1.1". 
When reaching the JWT filter, a "safe_regex" rule should evaluate the URL path but there is none here, and Envoy crashes with segfaults. CVE-2022-21654: Envoy would incorrectly allow TLS session resumption after mTLS validation settings had been reconfigured. If a client certificate was allowed with the old configuration but disallowed with the new configuration, the client could resume the previous TLS session even though the current configuration should disallow it. Changes to the following settings are affected: match_subject_alt_names, CRL changes, allow_expired_certificate, Trust_chain_verification, only_verify_leaf_cert_crl. CVE-2022-21657: Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS ser
Guideline ★★★
globalsecuritymag.webp 2022-12-21 16:52:39 3x Expert Comments - The Guardian Attack (lien direct) Following today's news that The Guardian has been hit by a cyberattack, potentially of the ransomware kind, leading to staff members having to work from home, Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, Dr Darren Williams, CEO of Blackfog, and Stephen Gates, Security Evangelist at Checkmarx comment: - Malware Update Ransomware Guideline
Last update at: 2024-06-30 22:08:01