2022-27 - Canonical, Red Hat, Cisco, Microsoft, GitHub
Published on July 11, 2022
Advisory Week
Week 27, 2022
Ubuntu Security Notices
USN-5507-1: Vim vulnerabilities
USN-5479-3: PHP regression
USN-5506-1: NSS vulnerabilities
USN-5505-1: Linux kernel vulnerabilities
USN-5488-2: OpenSSL vulnerability
USN-5504-1: Firefox vulnerabilities
USN-5503-1: GnuPG vulnerability
USN-5502-1: OpenSSL vulnerability
USN-5479-2: PHP vulnerabilities
USN-5501-1: Django vulnerability
Red Hat Security Advisory
(RHSA-2022:5532) Important: Red Hat Fuse 7.11.0 release and security update
(RHSA-2022:5531) Moderate: Red Hat Advanced Cluster Management 2.5.1 security updates and bug fixes
(RHSA-2022:5526) Important: squid:4 security update
(RHSA-2022:5529) Important: squid:4 security update
(RHSA-2022:5527) Important: squid security update
(RHSA-2022:5528) Important: squid:4 security update
(RHSA-2022:5530) Important: squid:4 security update
(RHSA-2022:5525) Moderate: Service Binding Operator security update
(RHSA-2022:5498) Moderate: Satellite 6.11 Release
(RHSA-2022:5491) Important: rh-php73-php security and bug fix update
Cisco Security Advisory
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
Cisco Smart Software Manager On-Prem Denial of Service Vulnerability
Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability
Cisco Unified Communications Products Access Control Vulnerability
Cisco Unified Communications Manager Arbitrary File Read Vulnerability
Cisco Unified Communications Products Timing Attack Vulnerability
Cisco Unified Communications Products Arbitrary File Read Vulnerability
Microsoft Security
Chromium: CVE-2022-2295 Heap buffer overflow in WebRTC
Chromium: CVE-2022-2294 Type Confusion in V8
GitHub Security Advisories
[GHSA-72x4-cq6r-jp4p] Improper Input Validation in orderer/common/cluster consensus request
[GHSA-wgmr-mf83-7x4j] Invalid HTTP/2 requests can lead to denial of service
[GHSA-8mpp-f3f7-xc28] SslConnection does not release pooled ByteBuffers in case of errors
[GHSA-cj7v-27pg-wf7q] Invalid URI parsing may produce invalid HttpURI.authority
[GHSA-f2gr-7299-487h] DOS and excessive memory usage when passing untrusted user input to dag import
[GHSA-crrq-vr9j-fxxh] Protected fields exposed via LiveQuery
[GHSA-pgjx-7f9g-9463] Improper handling of email input
[GHSA-9x4h-8wgm-8xfg] Malformed CAR panics and excessive memory usage
[GHSA-hm37-9xh2-q499] Possible leak of key's raw field if declared length is incorrect
[GHSA-wc69-rhjr-hc9g] Inefficient Regular Expression Complexity in moment
[GHSA-ffmh-x56j-9rc3] Regular Expression Denial of Service in jquery-validation
[GHSA-c58j-88f5-h53f] Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pycares
[GHSA-wpqr-jcpx-745r] Incorrect handling of invalid surrogate pair characters
[GHSA-fm67-cv37-96ff] Potential double free of buffer during string decoding
[GHSA-977c-63xq-cgw3] Unsafe YAML deserialization in opensearch-ruby
[GHSA-x3vm-38hw-55wf] Possible inject arbitrary `CSS` into the generated graph affecting the container HTML