The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in and (if CBC is used) the MAC algorithms.

CarrierWave is a solution for file uploads for Rails, Sinatra and other Ruby web frameworks. This issue has been patched in version 2.2.1. CarrierWave has a Content-Type allowlist bypass vulnerability, possibly leading to XSS. The validation in `allowlisted_content_type?` determines Content-Type permissions by performing a partial match. If the `content_type` argument of `allowlisted_content_type?` is passed a value crafted by the attacker, Content-Types not included in the `content_type_allowlist` will be allowed. This issue has been patched in versions 2.2.5 and 3.0.5.

Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. The following paths in resque-web have been found to be vulnerable to reflected XSS: "/failed/?class=alert(okie)" and "/queues/>". This issue has been patched in version 2.6.0. Reflected XSS issue occurs when /queues is appended with /">.

The json-jwt (aka JSON::JWT) gem 1.16.3 for Ruby sometimes allows bypass of identity checks via a sign/encryption confusion attack. For example, JWE can sometimes be used to bypass JSON::JWT.decode.

A memory leak flaw was found in ruby-magick, an interface between Ruby and ImageMagick. This issue can lead to a denial of service (DOS) by memory exhaustion.
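The CarrierWave `allowlisted_content_type?` passage above describes an allowlist check that passes because it performs a partial match. The following Ruby is an added example, not CarrierWave's code: it puts a hypothetical partial-match check beside an exact-match check and runs both over constructed Content-Type values, so the difference the advisory describes is visible.

```ruby
# Added example (not CarrierWave's code): why a Content-Type allowlist must
# compare exactly rather than by partial match. Constants and function names
# are hypothetical.

ALLOWLIST = ["image/png", "image/jpeg"].freeze

# Partial-match check: treats each allowlist entry as an unanchored pattern and
# asks whether it occurs anywhere inside the submitted Content-Type string.
# Any value that merely contains an allowed type passes.
def partial_match_allowed?(content_type, allowlist = ALLOWLIST)
  allowlist.any? { |item| content_type.to_s =~ /#{Regexp.escape(item)}/ }
end

# Exact-match check: the submitted Content-Type must equal an allowlist entry
# after normalisation (surrounding whitespace removed, case folded).
def exact_match_allowed?(content_type, allowlist = ALLOWLIST)
  normalised = content_type.to_s.strip.downcase
  allowlist.any? { |item| normalised == item.downcase }
end

# Constructed sample inputs mapped to whether the application intends to
# accept them. The two "false" entries embed an allowlisted type inside a
# value that is not itself an allowlisted type.
SAMPLES = {
  "image/png"              => true,   # legitimate upload
  "text/html; x=image/png" => false,  # not an allowlisted type
  "image/png\n\ntext/html" => false,  # not an allowlisted type
  "application/pdf"        => false,  # simply not allowlisted
}.freeze

# Returns the sample inputs that the named check accepts although the
# application intended to reject them. An empty array means the check is
# consistent with the allowlist.
def false_accepts(check)
  SAMPLES.reject { |_, expected| expected }.keys.select { |ct| send(check, ct) }
end

if __FILE__ == $PROGRAM_NAME
  puts "partial match wrongly accepts: #{false_accepts(:partial_match_allowed?).inspect}"
  puts "exact match wrongly accepts:   #{false_accepts(:exact_match_allowed?).inspect}"
end
```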