2024-1 - Apple, Canonical, Red Hat, Cisco, Microsoft, GitHub Published on January 15, 2024

What's AdvisoryWeek?

AdvisoryWeek is a once weekly email that rounds up the latest security advisories published in the past week.

Can't find a way to get security emails from your favorite vendors? Not all vendors provide email notifications, you can use AdvisoryWeek to make sure you get important security advisories and bulletins.
Security FOMO? Don't fret, AdvisoryWeek tracks security advisories from major vendors like Microsoft, Adobe, Apple, Oracle, and many more.
Too much noise? AdvisoryWeek is one email per week, with organized links to each vendor security advisory.

Advisory Week

Week 1, 2024

Apple Security Advisory

Magic Keyboard Firmware Update 2.0.6 Security Content

National Cyber Awareness System

Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved

CISA Releases Nine Industrial Control Systems Advisories

Cisco Releases Security Advisory for Cisco Unity Connection

Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways

CISA Adds One Known Exploited Vulnerability to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Releases One Industrial Control Systems Advisory

Fortinet Releases Security Updates for FortiOS and FortiProxy

Microsoft Releases Security Updates for Multiple Products

CISA Adds Six Known Exploited Vulnerabilities to Catalog

Ubuntu Security Notices

Xerces-C++ vulnerability: USN-6579-1

OpenSSH vulnerabilities: USN-6560-2

.NET vulnerabilities: USN-6578-1

Go vulnerabilities: USN-6574-1 / USN-6038-2

Firefox regressions: USN-6562-2

Linux kernel (AWS) vulnerabilities: USN-6577-1

Linux kernel vulnerabilities: USN-6549-5

Linux kernel (IoT) vulnerabilities: USN-6548-5

Linux kernel (OEM) vulnerability: USN-6576-1

Twisted vulnerabilities: USN-6575-1

GNU C Library regression: USN-6541-2

Linux kernel (GKE) vulnerabilities: USN-6548-4

Linux kernel (Azure) vulnerabilities: USN-6573-1 / USN-6572-1

Monit vulnerability: USN-6571-1

PostgreSQL vulnerabilities: USN-6570-1

libclamunrar vulnerabilities: USN-6569-1

ClamAV update: USN-6568-1

QEMU vulnerabilities: USN-6567-1

GnuTLS vulnerability: USN-6499-2

Red Hat Security Advisory

Low: openssl security update: RHSA-2024:0208 / RHSA-2024:0154

Important: .NET 6.0 security update: RHSA-2024:0158 / RHSA-2024:0156

Important: .NET 7.0 security update: RHSA-2024:0157 / RHSA-2024:0151

Moderate: gnutls security update: RHSA-2024:0155

Important: .NET 8.0 security update: RHSA-2024:0152 / RHSA-2024:0150

Important: Red Hat Integration Camel K 1.10.5 release and security update: RHSA-2024:0148

Moderate: ipa security update: RHSA-2024:0141 / RHSA-2024:0142 / RHSA-2024:0140

Low: libarchive security update: RHSA-2024:0146

Moderate: idm:DL1 security update: RHSA-2024:0143 / RHSA-2024:0144 / RHSA-2024:0139 / RHSA-2024:0138 / RHSA-2024:0137

Moderate: virt:rhel and virt-devel:rhel security update: RHSA-2024:0135

Moderate: fence-agents security update: RHSA-2024:0133

Important: kernel-rt security update: RHSA-2024:0134

Moderate: frr security update: RHSA-2024:0130

Important: kernel security update: RHSA-2024:0113

Moderate: nss security update: RHSA-2024:0107 / RHSA-2024:0106 / RHSA-2024:0105 / RHSA-2024:0093

Important: OpenShift Container Platform 4.11.56 bug fix and security update: RHSA-2024:0059

Important: OpenShift Container Platform 4.14.8 bug fix and security update: RHSA-2024:0050

Moderate: Red Hat build of Keycloak 22.0.8 enhancement and security update: RHSA-2024:0101

Moderate: Red Hat build of Keycloak 22.0.8 images enhancement and security update: RHSA-2024:0100

Moderate: Red Hat Single Sign-On 7.6.6 security update: RHSA-2024:0098 / RHSA-2024:0096 / RHSA-2024:0095 / RHSA-2024:0094

Moderate: Red Hat Single Sign-On 7.6.6 for OpenShift image enhancement and security update: RHSA-2024:0097

Moderate: Red Hat Single Sign-On 7.6.6 security update on RHEL 9: RHSA-2024:0096

Moderate: Red Hat Single Sign-On 7.6.6 security update on RHEL 8: RHSA-2024:0095

Moderate: Red Hat Single Sign-On 7.6.6 security update on RHEL 7: RHSA-2024:0094

Important: kpatch-patch security update: RHSA-2024:0089

Important: squid security update: RHSA-2024:0071

Cisco Security Advisory

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

Cisco TelePresence Management Suite Cross-Site Scripting Vulnerabilities

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability

Cisco WAP371 Wireless Access Point Command Injection Vulnerability

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Vulnerabilities

Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability

Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Stored Cross-Site Scripting Vulnerability

Microsoft Security

Microsoft January 2024 Security Update Guide

Chromium: CVE-2024-0333 Insufficient data validation in Extensions

Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability: CVE-2024-20675

Adobe Systems Incorporated: CVE-2024-20721 Improper Input Validation Denial of Service Vulnerability

Adobe Systems Incorporated: CVE-2024-20709 Javascript Implementation PDF Vulnerability

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability: CVE-2024-21337

BitLocker Security Feature Bypass Vulnerability: CVE-2024-20666

Windows Kerberos Security Feature Bypass Vulnerability: CVE-2024-20674

Microsoft Office Remote Code Execution Vulnerability: CVE-2024-20677

Azure Storage Mover Remote Code Execution Vulnerability: CVE-2024-20676

Microsoft ODBC Driver Remote Code Execution Vulnerability: CVE-2024-20654

Windows Group Policy Elevation of Privilege Vulnerability: CVE-2024-20657

Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability: CVE-2024-20658

Windows Message Queuing Client (MSMQC) Information Disclosure: CVE-2024-20680 / CVE-2024-20663

Windows Cryptographic Services Remote Code Execution Vulnerability: CVE-2024-20682

Win32k Elevation of Privilege Vulnerability: CVE-2024-20683 / CVE-2024-20686

Windows Nearby Sharing Spoofing Vulnerability: CVE-2024-20690

Windows Themes Information Disclosure Vulnerability: CVE-2024-20691

Windows CoreMessaging Information Disclosure Vulnerability: CVE-2024-20694

MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow

Windows Libarchive Remote Code Execution Vulnerability: CVE-2024-20696 / CVE-2024-20697

Windows Kernel Elevation of Privilege Vulnerability: CVE-2024-20698

Windows Hyper-V Denial of Service Vulnerability: CVE-2024-20699

Windows Hyper-V Remote Code Execution Vulnerability: CVE-2024-20700

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability: CVE-2024-21305

Remote Desktop Client Remote Code Execution Vulnerability: CVE-2024-21307

Windows TCP/IP Information Disclosure Vulnerability: CVE-2024-21313

Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability: CVE-2024-21325

.NET Core and Visual Studio Denial of Service Vulnerability: CVE-2024-20672

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability: CVE-2024-0056

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability: CVE-2024-0057

Windows HTML Platforms Security Feature Bypass Vulnerability: CVE-2024-20652

Microsoft Common Log File System Elevation of Privilege Vulnerability: CVE-2024-20653

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability: CVE-2024-20655

Visual Studio Elevation of Privilege Vulnerability: CVE-2024-20656

Microsoft Message Queuing Information Disclosure Vulnerability: CVE-2024-20660 / CVE-2024-20664 / CVE-2024-21314

Microsoft Message Queuing Denial of Service Vulnerability: CVE-2024-20661

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability: CVE-2024-20662

Windows Server Key Distribution Service Security Feature Bypass: CVE-2024-21316

Windows Subsystem for Linux Elevation of Privilege Vulnerability: CVE-2024-20681

Microsoft AllJoyn API Denial of Service Vulnerability: CVE-2024-20687

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability: CVE-2024-20692

Microsoft Bluetooth Driver Spoofing Vulnerability: CVE-2024-21306

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability: CVE-2024-21309

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability: CVE-2024-21310

Windows Cryptographic Services Information Disclosure Vulnerability: CVE-2024-21311

.NET Framework Denial of Service Vulnerability: CVE-2024-21312

Microsoft SharePoint Server Remote Code Execution Vulnerability: CVE-2024-21318

Microsoft Identity Denial of service vulnerability: CVE-2024-21319

Windows Themes Spoofing Vulnerability: CVE-2024-21320

Github Security Advisories

[GHSA-q6w5-jg5q-47vg] @clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR)

[GHSA-8qw9-gf7w-42x5] Minor fix to previous patch for CVE-2022-35918

[GHSA-chcr-x7hc-8fp8] Devise-Two-Factor vulnerable to brute force attacks

[GHSA-4mq2-gc4j-cmw6] Django Template Engine Vulnerable to XSS

[GHSA-8r25-68wm-jw35] Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268)

[GHSA-pxmr-q2x3-9x9m] Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269)

[GHSA-h374-mm57-879c] Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270)

[GHSA-h5c8-rqwp-cp95] Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

[GHSA-rgrf-6mf5-m882] cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code

[GHSA-2mqj-m65w-jghx] Untrusted search path under some conditions on Windows allows arbitrary code execution

[GHSA-449p-3h89-pw88] Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

[GHSA-p4rx-7wvg-fwrc] CRI-O's pods can break out of resource confinement on cgroupv2

[GHSA-g273-wppx-82w4] Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts

[GHSA-c38c-c8mh-vq68] Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list

[GHSA-cx99-25hr-5jxf] Pimcore Ecommerce Framework Bundle Improper Access Control allows unprivileged user to access back-office orders list

[GHSA-ppxx-5m9h-6vxf] quic-go's path validation mechanism can be exploited to cause denial of service

[GHSA-97x9-59rv-q5pm] Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC

[GHSA-59j7-ghrg-fj52] Microsoft Security Advisory CVE-2024-21319: .NET Denial of Service Vulnerability

[GHSA-4jh3-6jhv-2mgp] react-native-mmkv Insertion of Sensitive Information into Log File vulnerability

[GHSA-8g9c-28fc-mcx2] Microsoft Identity Denial of service vulnerability

[GHSA-rv9j-c866-gp5h] Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability

[GHSA-pvcr-v8j8-j5q3] Parsing JSON serialized payload without protected field can lead to segfault

[GHSA-6673-4983-2vx5] fonttools XML External Entity Injection (XXE) Vulnerability

[GHSA-9763-4f94-gfch] CIRCL's Kyber: timing side-channel (kyberslash2)

[GHSA-8959-rfxh-r4j4] XWiki vulnerable to Denial of Service attack through attachments

[GHSA-rj7p-xjv7-7229] XWiki Remote Code Execution Vulnerability via User Registration

[GHSA-xh35-w7wg-95v3] XWiki has no right protection on rollback action

[GHSA-c2f4-cvqm-65w2] Puma HTTP Request/Response Smuggling vulnerability

[GHSA-mqpq-2p68-46fv] pyload Unauthenticated Flask Configuration Leakage vulnerability

[GHSA-ghmw-rwh8-6qmr] pyload Log Injection vulnerability

[GHSA-v2v2-hph8-q5xp] @fastify/reply-from JSON Content-Type parsing confusion

CISA Known Exploted Vulnerabilities

Joomla! Improper Access Control Vulnerability CVE-2023-23752

D-Link DSL-2750B Devices Command Injection Vulnerability CVE-2016-20017

Apple Multiple Products Code Execution Vulnerability CVE-2023-41990

Apache Superset Insecure Default Initialization of Resource Vulnerability CVE-2023-27524

Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-29300

Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-38203

Microsoft SharePoint Server Privilege Escalation Vulnerability CVE-2023-29357

Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability CVE-2023-46805

Ivanti Connect Secure and Policy Secure Command Injection Vulnerability CVE-2024-21887

The known exploited vulnerabilities list contains vulnerabilities that are known to be activly exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.