![]() Insufficient policy enforcement in Extensions API in Google Chrome prior to 1.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Insufficient policy enforcement in Web Payments API in Google Chrome prior to 1.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Insufficient policy enforcement in Intents in Google Chrome on Android prior to 1.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Inappropriate implementation in Permission prompts in Google Chrome prior to 1.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalation of privileges. ![]() VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-229256049 This could lead to local escalation of privilege with no additional execution privileges needed. In getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to bypass the restrictions on starting activities from the background due to a missing permission check. Ubiquiti Networks UniFi Dream Machine Pro v7.2.95 allows attackers to bypass domain restrictions via crafted packets. Instead, set the container entrypoint to a value similar to `ENTRYPOINT ` to allow `su` to properly set up supplementary groups. As a workaround, ensure that the `"USER $USERNAME"` Dockerfile instruction is not used. Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions. Users should update to these versions and recreate containers to resolve this issue. This bug has been fixed in containerd v1.6.18 and v.1.5.18. ![]() Downstream applications that use the containerd client library may be affected as well. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up properly inside a container. Containerd is an open source container runtime.
0 Comments
Leave a Reply. |