This page displays vulnerability information about FreeBSD Ports.
The last vuln.xml file processed by FreshPorts is:
VuXML entries as processed by FreshPorts
List all Vulnerabilities, by package

This release fixes a vulnerability with Synapse's URL preview feature.
Of some web pages can lead to unbounded recursion, causing the request to either fail, or in some cases crash the running Synapse process.
Homeservers with the url_preview_enabled configuration option set to false.
Instances with the enable_media_repo configuration option set to false are also unaffected, as this also disables the URL preview functionality.

CVE-2022-32205: Set-Cookie denial of service.
CVE-2022-32206: HTTP compression denial of service.
CVE-2022-32207: Unpreserved file permissions.
CVE-2022-32208: FTP-KRB bad message verification.

(Medium) SECURITY-2566 / CVE-2022-34174
Multiple XSS vulnerabilities
(Medium) Unauthorized view fragment access
Observable timing discrepancy allows determining username validity

VuXML ID 4eeb93bf-f204-11ec-8fbd-d4c9ef517024
Circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were

This release contains 14 security fixes, including:
Critical CVE-2022-2156: Use after free in Base. Reported by Mark Brand of Google Project Zero on
High CVE-2022-2157: Use after free in Interest groups. Reported by Nan and Guang Gong of 360 Alpha Lab on
Reported by Bohan Liu of Tencent Security Xuanwu Lab on
Medium CVE-2022-2160: Insufficient policy enforcement in DevTools.
Medium CVE-2022-2161: Use after free in WebApp Provider.
Medium CVE-2022-2162: Insufficient policy enforcement in File System API. Reported by Abdelhamid Naceri (halov) on
Low CVE-2022-2163: Use after free in Cast UI and Toolbar.
Low CVE-2022-2164: Inappropriate implementation in Extensions API. Reported by José Miguel Moreno Computer Security Lab (COSEC) at UC3M on
Low CVE-2022-2165: Insufficient data validation in URL formatting.