A vulnerability in the RESTCONF service of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to cause a denial of service (DoS) on an affected system that is running as the root user. To exploit this vulnerability, the attacker must be a member of the admin group. This vulnerability exists because user-supplied input is not properly validated when RESTCONF is used to upload packages to an affected device. An attacker could exploit this vulnerability by
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-path-trvsl-zjBeMkZg?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Network%20Services%20Orchestrator%20Path%20Traversal%20Vulnerability&vs_k=1
by Michael Hawkins. Blog search required additional sanitizing to prevent a reflected XSS risk. Severity/Risk: Serious Versions affected: 4.1 and 4.0 to 4.0.5 Versions fixed: 4.1.1, 4.0.6 Reported by: Unknown (name not provided) CVE identifier: CVE-2023-23922 Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76861 Tracker issue: MDL-76861 Reflected XSS risk in blog search
More info:
https://moodle.org/mod/forum/discuss.php?d=443273&parent=1782022
Detect Malware in Container Images As organizations continue to adopt containers and Kubernetes for their applications, the need to secure these containers becomes increasingly important. Many applications are built with third-party sourced components from public image registries. Attackers are privy to the growing use of these third-party image registries, and often target them with malware, … ContinuedThe post Malware Detection in Container Images appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2023/02/malware-detection-in-container-images.html?utm_source=rss&utm_medium=rss&utm_campaign=malware-detection-in-container-images
