101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl, the oldest Polish Mastodon server. We support posts of up to 2048 characters.

#redos

iam-py-test :unverified:<p>gorhill has fixed a regular expression denial of service vulnerability in uBlock Origin</p><p><a href="https://github.com/gorhill/uBlock/commit/eaedaf5b10d2f7857c6b77fbf7d4a80681d4d46c" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/gorhill/uBlock/comm</span><span class="invisible">it/eaedaf5b10d2f7857c6b77fbf7d4a80681d4d46c</span></a></p><p><a href="https://infosec.exchange/tags/RegexDenialOfService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RegexDenialOfService</span></a> <a href="https://infosec.exchange/tags/ReDoS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReDoS</span></a> <a href="https://infosec.exchange/tags/uBlockOrigin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>uBlockOrigin</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a></p>
postmodern<p>Plot Twist: the Ruby on Rails forum has full write-ups of the new Rack ReDoS advisories, even though Rails is a separate project from Rack.</p><ul><li><a href="https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discuss.rubyonrails.org/t/deni</span><span class="invisible">al-of-service-vulnerability-in-rack-content-type-parsing/84941</span></a></li><li><a href="https://discuss.rubyonrails.org/t/possible-dos-vulnerability-with-range-header-in-rack/84944" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discuss.rubyonrails.org/t/poss</span><span class="invisible">ible-dos-vulnerability-with-range-header-in-rack/84944</span></a></li><li><a href="https://discuss.rubyonrails.org/t/possible-denial-of-service-vulnerability-in-rack-header-parsing/84942" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discuss.rubyonrails.org/t/poss</span><span class="invisible">ible-denial-of-service-vulnerability-in-rack-header-parsing/84942</span></a></li></ul><p><a href="https://infosec.exchange/tags/redos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redos</span></a> <a href="https://infosec.exchange/tags/rack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rack</span></a> <a href="https://infosec.exchange/tags/rails" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rails</span></a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>advisory</span></a></p>
🛡 H3lium@infosec.exchange/:~# :blinking_cursor:<p>"AngularJS ReDoS Vulnerability Alert - Affecting EOL angular package, versions &gt;=1.3.0 🚨🛡️"</p><p>A newly disclosed vulnerability in AngularJS, identified as CVE-2024-21490, poses a risk to web applications by enabling <a href="https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS" rel="nofollow noopener" target="_blank">Regular Expression Denial of Service (ReDoS)</a> attacks. This flaw affects all AngularJS versions before 1.8.3, allowing attackers to cause a service disruption by crafting specific inputs that trigger excessive backtracking in regular expressions.</p><p>Developers should review their applications for vulnerable patterns and, as this package is EOL, migrate to <a href="https://www.npmjs.com/package/@angular/core" rel="nofollow noopener" target="_blank">@angular/core</a>. Also, a <a href="https://infosec.exchange/tags/PoC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PoC</span></a> example of exploiting this vulnerability can be found in a live demo on StackBlitz, showing the attack's mechanics and potential impact on AngularJS applications.</p><p>Tags: <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/AngularJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AngularJS</span></a> <a href="https://infosec.exchange/tags/ReDoS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReDoS</span></a> <a href="https://infosec.exchange/tags/PatchManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchManagement</span></a> <a href="https://infosec.exchange/tags/WebDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebDevelopment</span></a> <a href="https://infosec.exchange/tags/SecureCoding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureCoding</span></a> 🌍🔑💻</p><p>Source: NVD - <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-21490" rel="nofollow noopener" target="_blank">CVE-2024-21490</a>, Snyk - <a href="https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113" rel="nofollow noopener" target="_blank">SNYK-JS-ANGULAR-6091113</a>, StackBlitz Demo - <a href="https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos?file=index.js" rel="nofollow noopener" target="_blank">AngularJS Vulnerability</a></p>
postmodern<p>Days Since yet another ReDoS advisory: 0<br><a href="https://infosec.exchange/tags/redos" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redos</span></a></p>
postmodern<p>Has ReDoS ever impacted anything? On one hand I'm glad we are fixing potential vulnerabilities before they can be exploited en masse. On the other hand it feels like we're chasing after theoretical vulnerabilities that are not actually viable (ex: Spectre or ReDoS).<br><a href="https://infosec.exchange/tags/ReDoS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReDoS</span></a></p>
Blog enfaseterminal.com<p>What is the price of <a href="https://mastodon.social/tags/electricidad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>electricidad</span></a> (electricity)? <a href="https://mastodon.social/tags/ree" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ree</span></a> <a href="https://mastodon.social/tags/redOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redOS</span></a><br>How do I know what time I should run the <a href="https://mastodon.social/tags/lavadora" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lavadora</span></a> (washing machine) or the <a href="https://mastodon.social/tags/lavavajillas" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lavavajillas</span></a> (dishwasher)?<br><a href="https://www.enfaseterminal.com/2021/09/a-precio-esta-la-electricidad.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">enfaseterminal.com/2021/09/a-p</span><span class="invisible">recio-esta-la-electricidad.html</span></a></p>