Posted by Moritz Bechler on Sep 12
Advisory ID: SYSS-2022-041
Product: JasperReports Server
Manufacturer: TIBCO Software Inc.
Tested Version(s): 8.0.2 Community Edition
Vulnerability Type: CWE-502: Deserialization of Untrusted Data
Risk Level: High
Solution Status: Fixed
Manufacturer Notification: 2022-06-10
Solution Date: 2022-08-10
Public Disclosure: 2022-09-09
CVE Reference:…
Posted by Daniel Wood via Fulldisclosure on Sep 12
The Unqork Security team discovered multiple security vulnerabilities in
the Qualys Cloud Agent, to include arbitrary code execution.
CVE-2022-29549 (Arbitrary Code Execution)
https://nvd.nist.gov/vuln/detail/CVE-2022-29549
CVE-2022-29550 (Sensitive Information Disclosure)
https://nvd.nist.gov/vuln/detail/CVE-2022-29550
Read more:
https://www.unqork.com/resources/unqork-and-qualys-partner-to-resolve-zero-day-vulnerabilities…
FEDORA-2022-9b67d67195
Packages in this update:
libconfuse-3.3-7.fc35
Update description:
Patch for CVE-2022-40320
FEDORA-EPEL-2022-30932b0236
Packages in this update:
libconfuse-3.3-7.el9
Update description:
Patch for CVE-2022-40320
FEDORA-EPEL-2022-cd091ab1b1
Packages in this update:
libconfuse-3.3-7.el8
Update description:
Patch for CVE-2022-40320
FEDORA-2022-645dc53ee2
Packages in this update:
libconfuse-3.3-7.fc37
Update description:
Patch for CVE-2022-40320
FEDORA-2022-de992c68d0
Packages in this update:
libconfuse-3.3-7.fc36
Update description:
Patch for CVE-2022-40320
FEDORA-EPEL-2022-0d0a29e337
Packages in this update:
rubygem-rack-2.2.4-1.el9
Update description:
Update to Rack 2.2.4
FEDORA-2022-ff2aa5643d
Packages in this update:
rizin-0.4.1-1.fc36
Update description:
Rebase to upstream version 0.4.1 to fix some security issues
FEDORA-2022-0c34c7d5e1
Packages in this update:
rizin-0.4.1-1.fc37
Update description:
Rebase to upstream version 0.4.1 to fix some security issues