curl-7.79.1-7.fc35

Read Time:17 Second

FEDORA-2022-39688a779d

Packages in this update:

curl-7.79.1-7.fc35

Update description:

url: use IDN decoded names for HSTS checks (CVE-2022-42916)
http_proxy: restore the protocol pointer on error (CVE-2022-42915)
netrc: replace fgets with Curl_get_line (CVE-2022-35260)
fix POST following PUT confusion (CVE-2022-32221)

Read More

curl-7.82.0-9.fc36

Read Time:17 Second

FEDORA-2022-01ffde372c

Packages in this update:

curl-7.82.0-9.fc36

Update description:

url: use IDN decoded names for HSTS checks (CVE-2022-42916)
http_proxy: restore the protocol pointer on error (CVE-2022-42915)
netrc: replace fgets with Curl_get_line (CVE-2022-35260)
fix POST following PUT confusion (CVE-2022-32221)

Read More

ZDI-22-1486: Delta Industrial Automation InfraSuite Device Master ModifyPrivByID Missing Authentication Privilege Escalation Vulnerability

Read Time:13 Second

This vulnerability allows remote attackers to escalate privileges or create a denial-of-service condition on affected installations of Delta Industrial Automation InfraSuite Device Master. Authentication is not required to create a denial-of-service condition. Authentication is required to achieve privilege escalation.

Read More

ZDI-22-1487: Delta Industrial Automation InfraSuite Device Master DeSerializeBinary Deserialization of Untrusted Data Remote Code Execution Vulnerability

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation InfraSuite Device Master Device-Monitor. User interaction is required to exploit this vulnerability in that the target client must connect to a malicious server.

Read More