If you are using Windows 10 and are experiencing problems with headphones or externally connected displays, this…
[github.com/grafana/loki] Path traversal in Grafana Loki
An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as a ../../sensitive/path/in/deployment pathname, then Loki will …
[ansi-html] Uncontrolled Resource Consumption in ansi-html
This affects all versions of package ansi-html. If an attacker provides a malicious string, it will get stuck processing the input for an extremely long time.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-23424
https://github.com/Tjatse/ansi-ht…
[simiki] Command Injection in Simiki
Command Injection in Simiki v1.6.2.1 and prior allows remote attackers to execute arbitrary system commands via line 64 of the component ‘simiki/blob/master/simiki/config.py’.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-19001
https://github.c…
[axios] Incorrect Comparison in axios
axios is vulnerable to Inefficient Regular Expression Complexity.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-3749
https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929
https://huntr.dev/bounties/1e8f07fc-c384-4ff9-849…
Sapphire Rapids Update – New information on the next-generation Xeon SP revealed at HotChips
Following Alder Lake, next up is Sapphire Rapids. In fact, this one too, HotCh…
Windows 11 release date set for "October 5"
On August 31 (US time), Microsoft, "Windows 11 available on Oct…