A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` f ...
May 24, 2023
## Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. OpenSSL is used by IBM Robotic Process Automation as part of the API Server (CVE-2022-4304, CVE-20 ...
May 24, 2023
A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file `/api/stl/actions/search`. The manipulation of the argument a ...
May 24, 2023
### Impact The Matrix Federation API allows remote homeservers to request the *authorisation events* of events in a room. This is necessary so that a homeserver receiving some events can validate that ...
May 24, 2023
### Impact If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current sta ...
May 24, 2023
### Impact A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federat ...
May 24, 2023