Android 13, the next major version of Android, was announced on February 10 (US time), and develop…
Android 13 Developer Preview 1 Released: Changes and New Features
At 10:00 AM on February 10, 2022 (local time), Google announced Android 13 Developer Preview 1. The latest Android 13 (Android T, Android 13 t-DP […]
The post Android 13 Developer Preview 1 Released: Changes and New Features first appeared on TechBooster.
[cakephp/cakephp] Cross-Site Request Forgery in CakePHP
CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-15400
https://bakery.cakephp.org/2020/04/18/cakephp_406_released.html
https://baker…
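ASUS: 14.0-inch "Chromebook C425TA" with Intel Core m for under 50,000 yen
On February 10, ASUS JAPAN, with a display that can open to 180 degrees, the clamshell-type Chromeb…
CSS? SVG? Canvas? Samples and reference pages for animated backgrounds
How are backgrounds like this made? The background that was used on the following website…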
[tensorflow] Segfault in `simplifyBroadcast` in Tensorflow
Impact
The simplifyBroadcast function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes.
size_t maxRank = 0;
for (auto shape : llvm::enumerate(shapes)) {
auto foun…
[tensorflow-cpu] Out of bounds read in Tensorflow
Impact
TensorFlow’s type inference can cause a heap OOB read as the bounds checking is done in a DCHECK (which is a no-op during production):
if (node_t.type_id() != TFT_UNSET) {
int ix = input_idx[i];
DCHECK(ix < node_t.args_size())
<&…
[tensorflow-gpu] Crash due to erroneous `StatusOr` in TensorFlow
Impact
A GraphDef from a TensorFlow SavedModel can be maliciously altered to cause a TensorFlow process to crash due to encountering a StatusOr value that is an error and forcibly extracting the value from it:
if (op_reg_data->type_ctor != nullptr…
[org.apache.tomcat:tomcat] Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associ…
[ansible] Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--check-mode) do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat …