USN-5810-3: Git vulnerabilities

Read Time:24 Second

USN-5810-1 fixed several vulnerabilities in Git. This update provides
the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain
gitattributes. An attacker could possibly use this issue to cause a crash
or execute arbitrary code. (CVE-2022-23521)

Joern Schneeweisz discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-41903)

php-tcpdf-6.8.0-1.fc41

FEDORA-2024-7d6412477b Packages in this update: php-tcpdf-6.8.0-1.fc41 Update description: Version 6.8.0 (2024-12-23) Requires PHP 7.1+ and curl extension. Escape error message....

December 30, 2024

php-tcpdf-6.8.0-1.fc40

FEDORA-2024-d6b0e72e3d Packages in this update: php-tcpdf-6.8.0-1.fc40 Update description: Version 6.8.0 (2024-12-23) Requires PHP 7.1+ and curl extension. Escape error message....

December 30, 2024

ZDI-24-1741: WSO2 API Manager SynapseArtifactUploaderAdmin Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WSO2 API Manager. Authentication is required to...

December 30, 2024

ZDI-24-1740: WSO2 API Manager Exposed Dangerous Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of WSO2 API Manager. Authentication is not required to...

December 30, 2024

ZDI-24-1739: Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain...

December 30, 2024

ZDI-24-1738: Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required...

December 30, 2024

Salt Typhoon’s Reach Continues to Grow

Majority of UK SMEs Lack Cybersecurity Policy

Happy 15th Anniversary, KrebsOnSecurity!

CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration

Casino Players Using Hidden Cameras for Cheating

Friday Squid Blogging: Squid on Pizza

Scams Based on Fake Google Emails

Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%

The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)

php-tcpdf-6.8.0-1.fc41

php-tcpdf-6.8.0-1.fc40

ZDI-24-1741: WSO2 API Manager SynapseArtifactUploaderAdmin Unrestricted File Upload Remote Code Execution Vulnerability

ZDI-24-1740: WSO2 API Manager Exposed Dangerous Function Authentication Bypass Vulnerability

ZDI-24-1739: Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability

ZDI-24-1738: Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability