In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header in the response w…
YouTube Originals announces new documentary, “Coachella: 20 Years in the Desert." Premieres March 31.
In celebration of Coachella’s 20th anniversary, YouTube Originals is partnering with Coachella Valley Music and Arts Festival for a feature-length documentary, “Coachella: 20 Years in the Desert.” It is set to premiere March 31. The announcement comes …
Better protecting kids’ privacy on YouTube
Last September, we announced a series of changes to better protect kids and their privacy on YouTube and to address concerns raised by the U.S. Federal Trade Commission (FTC). Specifically, that all creators will be required to designate their content …
Mac Pro向けの新アクセサリのカラーは黒とシルバー
これまでずっと、Appleのキーボードとマウスの色は白とシルバーでの仕上げでした。しかし、iMac …
[omniauth_amazon] Backdoor / Malicious code
The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
Users of an affected version should consider downgrading to the last non-affected version of 1.6.9, or upg…
アップル製品値上げの可能性? 米国による10%の対中制裁関税の影響で
米中貿易戦争はまだ続いています。事態が沈静化するまでにはまだ時間がかかるでしょうが、不幸にも米大統領…
[invenio-records] Cross-site scripting invenio-records
Cross-Site Scripting (XSS) vulnerability in administration interface
Impact
A Cross-Site Scripting (XSS) vulnerability was discovered when rendering JSON for a record in the administration interface. The vulnerability could be exploited by e.g. a user …
【画像】iPhone XR2、ラベンダーとグリーン色を追加か
最近の報告によると、Appleは今年後半にiPhone XR 2に新しいカラーオプションを導入すると…
[Bootstrap.Less] Cross-Site Scripting in bootstrap
Versions of bootstrap prior to 3.4.1 for 3.x and 4.3.1 for 4.x are vulnerable to Cross-Site Scripting (XSS). The data-template attribute of the tooltip and popover plugins lacks input sanitization and may allow attacker to execute arbitrary JavaScript…
新型iPad miniには「Face ID」が搭載されないかも…
昨年発売された新型iPad Proには、iPhoneで先行していたFace ID技術が搭載されました…