Read Time:3 Second
UK government finds NortonLifeLock purchase of Avast could reduce competition
Daily Archives: March 16, 2022
Breaking RSA through Insufficiently Random Primes
Read Time:47 Second
Basically, the SafeZone library doesn’t sufficiently randomize the two prime numbers it used to generate RSA keys. They’re too close to each other, which makes them vulnerable to recovery.
There aren’t many weak keys out there, but there are some:
So far, Böck has identified only a handful of keys in the wild that are vulnerable to the factorization attack. Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). Printer users can use the keys to generate a Certificate Signing Request. The creation date for the all the weak keys was 2020 or later. The weak Canon keys are tracked as CVE-2022-26351.
Böck also found four vulnerable PGP keys, typically used to encrypt email, on SKS PGP key servers. A user ID tied to the keys implied they were created for testing, so he doesn’t believe they’re in active use.
CVE-2021-23648
Read Time:7 Second
The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
Drupal core – Moderately critical – Third-party libraries – SA-CORE-2022-005
Read Time:1 Minute, 50 Second
Project:
Date:
2022-March-16
Vulnerability:
Third-party libraries
CVE IDs:
CVE-2022-24728
CVE-2022-24729
Description:
The Drupal project uses the CKEditor library for WYSIWYG editing. CKEditor has released a security update that impacts Drupal.
Vulnerabilities are possible if Drupal is configured to allow use of the CKEditor library for WYSIWYG editing. An attacker that can create or edit content (even without access to CKEditor themselves) may be able to exploit one or more Cross-Site Scripting (XSS) vulnerabilities to target users with access to the WYSIWYG CKEditor, including site admins with privileged access.
For more information, see CKEditor’s security advisories:
CVE-2022-24728: HTML processing vulnerability allowing to execute JavaScript code
CVE-2022-24729: Regular expression Denial of Service in dialog plugin
This advisory is not covered by Drupal Steward.
Solution:
Install the latest version:
If you are using Drupal 9.3, update to Drupal 9.3.8.
If you are using Drupal 9.2, update to Drupal 9.2.15.
All versions of Drupal 9 prior to 9.2.x are end-of-life and do not receive security coverage. Note that Drupal 8 has reached its end of life.
Instructions for Drupal 7 and contributed modules
Drupal 7 core is not affected, although Drupal 7, 8, and 9 site owners should review their site following the protocol for managing external libraries and plugins previously suggested by the Drupal Security Team, as contributed projects may use additional CKEditor plugins not packaged in Drupal core.
Users of the Webform module should ensure Webform’s version of CKEditor 4 is also up-to-date after updating Drupal core and libraries for any affected contributed modules. If it is not, Webform users can try the following steps to update it:
If using Composer, run drush webform:libraries:composer > DRUPAL_ROOT/composer.libraries.json and run composer update
If using Drush without Composer, run drush webform:libraries:update.
Reported By:
Fixed By:
CVE-2021-23165
Read Time:9 Second
A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service.
CVE-2021-23158
Read Time:12 Second
A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service.
CVE-2021-20299
Read Time:11 Second
A flaw was found in OpenEXR’s Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
CVE-2021-20257
Read Time:19 Second
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2021-20180
Read Time:15 Second
A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality.
CVE-2021-0957
Read Time:14 Second
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way to bypass Factory Reset Protections. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-193149550