USN-5896-1: Rack vulnerabilities

Read Time:36 Second

It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST request to an application using
Rack, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2022-30122)

It was discovered that Rack was not properly escaping untrusted data when
performing logging operations, which could cause shell escaped sequences
to be written to a terminal. If a user or automated system were tricked
into sending a specially crafted request to an application using Rack, a
remote attacker could possibly use this issue to execute arbitrary code in
the machine running the application. (CVE-2022-30123)

Casio Admits Security Failings as Attackers Leak Employee and Customer Data

New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices

Fake Government Officials Use Remote Access Tools for Card Fraud

Google’s Willow Quantum Chip and Its Potential Threat to Current Encryption Standards

A Day in the Life of a Prolific Voice Phishing Crew

The AI Fix #32: Agentic AI, killer robot fridges, and the robosexual revolution

New Research Highlights Vulnerabilities in MLOps Platforms

Moxa Urges Immediate Updates for Security Vulnerabilities

US Treasury Department Sanctions Chinese Company Over Cyberattacks

mingw-python-jinja2-3.1.5-1.fc40

mingw-python-jinja2-3.1.5-1.fc41

seamonkey-2.53.20-2.el8

seamonkey-2.53.20-2.fc40

seamonkey-2.53.20-2.fc41

USN-7190-1: Tinyproxy vulnerability