ISHACK AI BOT

JetBrains TeamCity: CVE-2024-56351: Access tokens were not revoked after removing user roles (TW-76910) Severity 7 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:P) Published 12/20/2024 Created 12/31/2024 Added 12/30/2024 Modified 02/03/2025 Description In JetBrains TeamCity before 2024.12 access tokens were not revoked after removing user roles Solution(s) jetbrains-teamcity-upgrade-latest References https://attackerkb.com/topics/cve-2024-56351 CVE - 2024-56351 https://www.jetbrains.com/privacy-security/issues-fixed/

JetBrains TeamCity: CVE-2024-56350: Build credentials allowed unauthorized viewing of projects (TW-24904) Severity 4 CVSS (AV:N/AC:L/Au:S/C:P/I:N/A:N) Published 12/20/2024 Created 12/31/2024 Added 12/30/2024 Modified 02/03/2025 Description In JetBrains TeamCity before 2024.12 build credentials allowed unauthorized viewing of projects Solution(s) jetbrains-teamcity-upgrade-latest References https://attackerkb.com/topics/cve-2024-56350 CVE - 2024-56350 https://www.jetbrains.com/privacy-security/issues-fixed/

JetBrains TeamCity: CVE-2024-56356: Insecure XMLParser configuration could lead to potential XXE attack (TW-86582) Severity 6 CVSS (AV:N/AC:H/Au:S/C:C/I:P/A:N) Published 12/20/2024 Created 12/31/2024 Added 12/30/2024 Modified 02/03/2025 Description In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack Solution(s) jetbrains-teamcity-upgrade-latest References https://attackerkb.com/topics/cve-2024-56356 CVE - 2024-56356 https://www.jetbrains.com/privacy-security/issues-fixed/

JetBrains TeamCity: CVE-2024-56353: Backup file exposed user credentials and session cookies. Reported by Thomas Siegbert (TW-89719) Severity 7 CVSS (AV:N/AC:L/Au:M/C:C/I:P/A:N) Published 12/20/2024 Created 12/31/2024 Added 12/30/2024 Modified 02/03/2025 Description In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies Solution(s) jetbrains-teamcity-upgrade-latest References https://attackerkb.com/topics/cve-2024-56353 CVE - 2024-56353 https://www.jetbrains.com/privacy-security/issues-fixed/

FreeBSD: VID-ED0A052A-C5E6-11EF-A457-B42E991FC52E (CVE-2024-56337): Apache Tomcat -- RCE due to TOCTOU issue in JSP compilation Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/20/2024 Created 01/01/2025 Added 12/31/2024 Modified 12/31/2024 Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can. Solution(s) freebsd-upgrade-package-tomcat101 freebsd-upgrade-package-tomcat110 freebsd-upgrade-package-tomcat9 References CVE-2024-56337

OS X update for Security (CVE-2024-54538) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/20/2024 Created 12/21/2024 Added 12/20/2024 Modified 01/28/2025 Description A denial-of-service issue was addressed with improved input validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, tvOS 18.1, macOS Sonoma 14.7.1, watchOS 11.1, macOS Ventura 13.7.1. A remote attacker may be able to cause a denial-of-service. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-54538 CVE - 2024-54538 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

Red Hat: CVE-2024-53580: iperf: Denial of Service in iperf Due to Improper JSON Handling (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/18/2024 Created 01/11/2025 Added 01/10/2025 Modified 01/22/2025 Description iperf v3.17.1 was discovered to contain a segmentation violation via the iperf_exchange_parameters() function. Solution(s) redhat-upgrade-iperf3 redhat-upgrade-iperf3-debuginfo redhat-upgrade-iperf3-debugsource References CVE-2024-53580 RHSA-2025:0161 RHSA-2025:0168 RHSA-2025:0404 RHSA-2025:0440 RHSA-2025:0505

Huawei EulerOS: CVE-2024-11614: dpdk security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset. Solution(s) huawei-euleros-2_0_sp11-upgrade-dpdk References https://attackerkb.com/topics/cve-2024-11614 CVE - 2024-11614 EulerOS-SA-2025-1154

Amazon Linux AMI 2: CVE-2024-56337: Security patch for tomcat (ALASTOMCAT9-2025-015) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/20/2024 Created 01/28/2025 Added 01/27/2025 Modified 01/27/2025 Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can. Solution(s) amazon-linux-ami-2-upgrade-tomcat amazon-linux-ami-2-upgrade-tomcat-admin-webapps amazon-linux-ami-2-upgrade-tomcat-docs-webapp amazon-linux-ami-2-upgrade-tomcat-el-3-0-api amazon-linux-ami-2-upgrade-tomcat-jsp-2-3-api amazon-linux-ami-2-upgrade-tomcat-jsvc amazon-linux-ami-2-upgrade-tomcat-lib amazon-linux-ami-2-upgrade-tomcat-servlet-4-0-api amazon-linux-ami-2-upgrade-tomcat-webapps References https://attackerkb.com/topics/cve-2024-56337 AL2/ALASTOMCAT9-2025-015 CVE - 2024-56337

Microsoft Edge Chromium: CVE-2024-12694 Use after free in Compositing Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/21/2024 Added 12/20/2024 Modified 02/14/2025 Description Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-12694 CVE - 2024-12694 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-12694

Debian: CVE-2024-12693: chromium -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/24/2024 Added 12/23/2024 Modified 02/14/2025 Description Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12693 CVE - 2024-12693 DSA-5834-1

Microsoft Edge Chromium: CVE-2024-12692 Type Confusion in V8 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/21/2024 Added 12/20/2024 Modified 02/14/2025 Description Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-12692 CVE - 2024-12692 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-12692

SUSE: CVE-2024-12693: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/10/2025 Added 01/09/2025 Modified 02/14/2025 Description Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12693 CVE - 2024-12693

Rocky Linux: CVE-2024-11614: dpdk (RLSA-2025-0222) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset. Solution(s) rocky-upgrade-dpdk rocky-upgrade-dpdk-debuginfo rocky-upgrade-dpdk-debugsource rocky-upgrade-dpdk-devel rocky-upgrade-dpdk-tools References https://attackerkb.com/topics/cve-2024-11614 CVE - 2024-11614 https://errata.rockylinux.org/RLSA-2025:0222

Microsoft Edge Chromium: CVE-2024-12693 Out of bounds memory access in V8 Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/21/2024 Added 12/20/2024 Modified 02/14/2025 Description Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-12693 CVE - 2024-12693 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-12693

FreeBSD: (Multiple Advisories) (CVE-2024-12694): electron32 -- multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/24/2024 Added 12/21/2024 Modified 02/14/2025 Description Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron31 freebsd-upgrade-package-electron32 freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2024-12694

Ubuntu: USN-7197-1 (CVE-2024-45338): Go Networking vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/11/2025 Added 01/10/2025 Modified 01/10/2025 Description An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service. Solution(s) ubuntu-pro-upgrade-adsys ubuntu-pro-upgrade-adsys-windows ubuntu-pro-upgrade-golang-go-net-dev ubuntu-pro-upgrade-golang-golang-x-net-dev ubuntu-pro-upgrade-juju ubuntu-pro-upgrade-juju-2-0 References https://attackerkb.com/topics/cve-2024-45338 CVE - 2024-45338 USN-7197-1

Apache Tomcat: Low: DoS in examples web application (CVE-2024-54677) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/19/2024 Added 12/18/2024 Modified 12/19/2024 Description Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. Solution(s) apache-tomcat-upgrade-10_1_34 apache-tomcat-upgrade-11_0_2 apache-tomcat-upgrade-9_0_98 References https://attackerkb.com/topics/cve-2024-54677 CVE - 2024-54677 http://tomcat.apache.org/security-10.html http://tomcat.apache.org/security-11.html http://tomcat.apache.org/security-9.html

FreeBSD: VID-E18C5C8D-BE01-11EF-8C1C-A8A1599412C6 (CVE-2024-12692): chromium -- multiple security fixes Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/24/2024 Added 12/21/2024 Modified 02/14/2025 Description Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-ungoogled-chromium References CVE-2024-12692

SUSE: CVE-2024-12695: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/15/2025 Added 01/14/2025 Modified 02/14/2025 Description Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12695 CVE - 2024-12695

SUSE: CVE-2024-12694: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/15/2025 Added 01/14/2025 Modified 02/14/2025 Description Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12694 CVE - 2024-12694

FreeBSD: VID-D9B0FEA0-D564-11EF-B9BC-D05099C0AE8C: age -- age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/21/2025 Added 01/19/2025 Modified 01/19/2025 Description Filippo Valsorda reports: A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the age CLI through an attacker-controlled recipient or identity string, or to the plugin.NewIdentity, plugin.NewIdentityWithoutData, or plugin.NewRecipient APIs. Solution(s) freebsd-upgrade-package-age

SUSE: CVE-2024-12692: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 01/10/2025 Added 01/09/2025 Modified 02/14/2025 Description Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12692 CVE - 2024-12692

Debian: CVE-2024-12694: chromium -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 12/18/2024 Created 12/24/2024 Added 12/23/2024 Modified 02/14/2025 Description Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-12694 CVE - 2024-12694 DSA-5834-1

BeyondTrust Privileged Remote Access: CVE-2024-12686: Unauthenticated Remote Execution Severity 7 CVSS (AV:N/AC:H/Au:S/C:C/I:C/A:C) Published 12/18/2024 Created 01/15/2025 Added 01/14/2025 Modified 01/16/2025 Description A vulnerability has been discovered in Privileged Remote Access (PRA) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. Solution(s) beyondtrust-bt24-11-remote References https://attackerkb.com/topics/cve-2024-12686 CVE - 2024-12686 https://www.beyondtrust.com/trust-center/security-advisories/bt24-11