🔒 New Kitten & JSDB Releases

Security fix, JSDB 6.0.1.

This is a critical update.

• JSDB¹ versions 6.0.0 and below suffer from potential data corruption/arbitrary code execution as string keys were not being sanitised in the same way string values were² (so this is relevant to you if you’re storing untrusted data as keys in your data structures in JSDB and/or Kitten databases without carrying out any of your own sanitisation at the application level).

• The latest Kitten release uses JSDB version 6.0.1. Your deployment servers will automatically update in the next few hours. On your development machines, please run `kitten update` in your terminal or use the Update feature in Kitten Settings from your browser.

• If you are using Kitten’s Database App Modules³ feature in your apps, you will have installed JSDB manually and you should update your installation to version 6.0.1.

¹ https://codeberg.org/small-tech/jsdb/
² https://codeberg.org/small-tech/jsdb/issues/22
³ https://kitten.small-web.org/reference/#database-app-modules

#Kitten #SmallWeb #JSDB #JavaScriptDatabase #KittenRelease #JSDBRelease #securityUpdate #criticalUpdate

Cisco discloses a 10.0 CVSS rating vulnerability in SSM On-Prem

https://stackdiary.com/cisco-discloses-cve-2024-20419-for-ssm-on-prem/

#Cisco #Security #Vulnerability #Cybersecurity #CVSS #Hackers #Exploitation #ITsecurity #DataBreach #Software #TechNews #SecurityFlaw #NetworkSecurity #CriticalUpdate #Admins #DataProtection #PatchNow #Infosec #CyberThreats #SecureNetworks #TechUpdate #DigitalSafety #SoftwareBug #CyberDefense #CriticalVulnerability #ITupdate #SystemAdmin #SecureSoftware #NetworkAdmin #CyberAlert #CVE

Oracle releases 386 new security updates for the July patch round

https://stackdiary.com/oracle-releases-386-new-security-updates-for-the-july-patch-round/

#Oracle #Security #Updates #Patch #Vulnerabilities #Critical #Cybersecurity #Technology #IT #Software #WebLogic #MySQL #Siebel #Cloud #Database #Enterprise #Risk #Patching #Cyberattack #Network #Authentication #SecurityUpdate #SoftwareUpdate #TechNews #InformationSecurity #CVE #Exploit #CriticalUpdate #OraclePatch #CyberThreat #SecurityAlert

Mastodon: Security flaw allows unauthorized access to posts

https://stackdiary.com/mastodon-security-flaw-allows-unauthorized-access-to-posts/

#Mastodon #Security #Vulnerability #Update #Cybersecurity #Privacy #Software #Patch #Server #HighRisk #Hackers #DataProtection #Infosec #TechNews #BugFix #CriticalUpdate #DigitalSafety #MastodonUpdate #CyberAttack #UserSafety #DataBreach #SecurityAlert #NetworkSecurity #OnlineSafety #SecurityFlaw #SecureUpdate #ITSecurity #TechAlert #MastodonPatch #SystemUpdate #CVE