PatchDay Alert
Daily Digest · 2 min read · 5 CVEs · Issue 28 · By PatchDay Alert

PAN-OS auth bypass exploited in the wild, plus a 9.8 in Redshift and a Chrome sandbox escape

Attackers are tunneling through Palo Alto firewalls without credentials right now. Also: Amazon's Redshift Python driver has a CVSS 9.8 RCE via eval(), Chrome's WebGPU layer has a 9.6 sandbox escape, and GitHub CLI is leaking auth tokens to external hosts.

Patch now: 1 · Within 24h: 2 · This week: 2 · Exploited: 1

Palo Alto Networks · PAN OS · Network Appliance · Amazon Redshift · Redshift Connector · Python · Linux · Windows · MacOS · Cloud · Gotenberg · Google Chrome

Your Palo Alto firewall is the hot item this morning. CVE-2026-0257 is an authentication bypass on PAN-OS that's being exploited in the wild right now, letting attackers establish unauthorized VPN tunnels straight into your network. We've also got a CVSS 9.8 RCE in the Amazon Redshift Python driver, a CVSS 9.6 Chrome sandbox escape, and two more worth your attention, so stick around.


Today's CVEs

Sorted by urgency

02

CVE-2026-8838

GitHub · CVSS 9.8 · EPSS 0.08% · Patch within 24h · CRITICAL
Amazon Redshift · Redshift Connector · Python · Linux · Windows · MacOS

The Amazon Redshift Python driver (redshift-connector) uses eval() in a way that lets an attacker inject and execute arbitrary code remotely. CVSS 9.8, so the attack surface is wide open: no authentication, no user interaction. If your data pipelines or ETL jobs use this driver, an attacker could take over the host running the connector.

Included because
unauthenticated; remote code execution; CVSS 9.8; common in data infrastructure
Affected estate
Any system with the pip package redshift-connector installed.
How to check
Run 'pip show redshift-connector' on hosts or in container images to identify the installed version.
Action
Upgrade redshift-connector to the fixed version via pip. Check all container images and deployment pipelines for pinned versions.
Urgency
Patch within 24 hours
Why it matters
A CVSS 9.8 RCE via eval() injection means an attacker can run arbitrary code on the host, no credentials needed.
Source
NVD


03

CVE-2026-44829

GitHub · CVSS 8.8 · Patch this week · HIGH
Gotenberg · Linux · Windows

Gotenberg, a popular document conversion API, has a path traversal bug. An attacker can craft a zip upload with Windows-style path separators in the filename to write files outside the intended directory. If you expose Gotenberg to user uploads (even indirectly through another service), this could let an attacker overwrite files on the server.

Included because
CVSS 8.8; user-facing upload surface; common in document processing pipelines
Affected estate
Any deployment of Gotenberg v8 (Go module github.com/gotenberg/gotenberg/v8).
How to check
Check your container image tag or run the Gotenberg binary with '--version'. Look for the module in your Go dependency tree with 'go list -m all | grep gotenberg'.
Action
Upgrade to the patched Gotenberg v8 release. Review access controls on the upload endpoint.
Urgency
Patch this week
Why it matters
Path traversal lets an attacker write arbitrary files on the server, which can lead to code execution or data destruction.
Source
NVD
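
The kind of check this bug class calls for, as an added example that is not Gotenberg's code or its fix: validate each zip entry name with backslashes counted as separators on every OS before joining it to the extraction directory. `SafeEntryPath`, `SampleZip`, `UnsafeEntries` and the `/srv/work` root are hypothetical names, and the archive is constructed in memory.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"path"
	"strings"
)

// SafeEntryPath (hypothetical helper) maps a zip entry name to a path under
// root. ok=false means the name is empty, absolute, has a NUL byte, a drive
// letter or a ".." segment once '\' is counted as a separator on every OS.
func SafeEntryPath(root, name string) (dst string, ok bool) {
	n := strings.ReplaceAll(name, `\`, "/")
	if n == "" || n[0] == '/' || strings.ContainsRune(n, 0) ||
		(len(n) > 1 && n[1] == ':') || strings.Contains("/"+n+"/", "/../") {
		return "", false
	}
	return path.Join(root, n), true
}

// SampleZip builds a constructed in-memory archive with the given entry names.
func SampleZip(names ...string) []byte {
	var buf bytes.Buffer
	w := zip.NewWriter(&buf)
	for _, n := range names {
		w.Create(n) // the writer does not validate entry names
	}
	w.Close()
	return buf.Bytes()
}

// UnsafeEntries lists the entry names in an archive that SafeEntryPath rejects.
func UnsafeEntries(data []byte) ([]string, error) {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if zr == nil { // a reader returned with zip.ErrInsecurePath is still usable
		return nil, err
	}
	var bad []string
	for _, f := range zr.File {
		if _, ok := SafeEntryPath("/srv/work", f.Name); !ok {
			bad = append(bad, f.Name)
		}
	}
	return bad, nil
}

func main() {
	fmt.Println(UnsafeEntries(SampleZip("docs/a.html", `..\..\etc\x`, `C:\x`, "../y")))
}
```

A check built only on the host's native separator sees `..\..\etc\x` as a single file name on Linux, which is why the backslash is normalised before any other test.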


04

CVE-2026-9874

NVD · CVSS 9.6 · EPSS 0.07% · Patch within 24h · CRITICAL
Google Chrome · Chromium · Windows · MacOS · Linux

A use-after-free bug in Chrome's Dawn graphics layer (the WebGPU backend) lets an attacker escape the browser sandbox via a malicious web page. CVSS 9.6, Chromium rates it Critical. A user just has to visit a crafted page. No other interaction required. This affects all Chromium-based browsers (Chrome, Edge, Brave, etc.) prior to 148.0.7778.216.

Included because
CVSS 9.6; sandbox escape; no user interaction beyond visiting a page; ubiquitous product
Affected estate
All endpoints running Google Chrome or Chromium-based browsers prior to version 148.0.7778.216.
How to check
Open chrome://version or check your endpoint management console for browser version inventory.
Action
Push Chrome 148.0.7778.216 or later via your update mechanism. Verify rollout across managed endpoints.
Urgency
Patch within 24 hours
Why it matters
A sandbox escape means a malicious web page can break out of the browser and run code on the underlying OS. That's about as bad as browser bugs get.
Source
Google Chrome Releases, NVD


05

CVE-2026-48501

NVD · CVSS 7.4 · EPSS 0.04% · Patch this week · HIGH
GitHub CLI · Windows · MacOS · Linux

GitHub CLI (gh) versions before 2.93.0 leak your GitHub authentication token to external hosts. When you run gh attestation, gh release verify, or gh release verify-asset, the CLI sends your token to TUF mirror sites (including GitHub Pages domains and Azure Blob Storage) that should never receive it. An attacker controlling one of those mirrors, or sitting in the network path, could capture your token and act as you on GitHub.

Included because
CVSS 7.4; credential leak; widely used developer tool; affects CI/CD pipelines
Affected estate
Any workstation, CI runner, or container image with GitHub CLI (gh) installed at a version below 2.93.0.
How to check
Run 'gh version' to confirm the installed version. Search CI pipeline definitions and container images for gh installations.
Action
Upgrade gh to 2.93.0 or later. Rotate exposed tokens, especially GH_ENTERPRISE_TOKEN if it was set.
Urgency
Patch this week
Why it matters
A leaked GitHub token gives an attacker full access to your repos, actions, and any resources the token scopes allow.
Source
GitHub advisory


