This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-0244.
Daily Archives: February 6, 2024
ZDI-24-087: (Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Server-Side Request Forgery Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100 NAS devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.3. The following CVEs are assigned: CVE-2023-22817.
ZDI-24-088: (Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Uncontrolled Resource Consumption Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Western Digital MyCloud PR4100 NAS devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2023-22819.
openexr-3.1.10-5.fc40
FEDORA-2024-55247f3a4f
Packages in this update:
openexr-3.1.10-5.fc40
Update description:
Automatic update for openexr-3.1.10-5.fc40.
Changelog
* Mon Feb 5 2024 Benjamin A. Beasley <code@musicinmybrain.net> – 3.1.10-5
– Backport proposed fix for CVE-2023-5841 to 3.1.10 (fix RHBZ#2262406)
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> – 3.1.10-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> – 3.1.10-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild