「Sumatacoアロマディフューザー」は、人感センサーバックライトを搭載したアロマディフューザー。…

Util/PHP/eval-stdin.php in PHPUnit starting with 4.8.19 and before 4.8.28, as well as 5.x before 5.6.3, allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a <?php substring, as demonstrated by an attack on a sit…

A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up a…

Impact
What kind of vulnerability is it?
Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter Server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, st…