FEDORA-2022-cf658a432f
Packages in this update:
libapreq2-2.17-1.fc35
Update description:
Fix CVE-2022-22728.
libapreq2-2.17-1.fc35
Fix CVE-2022-22728.
libapreq2-2.17-1.fc36
Fix CVE-2022-22728.
libapreq2-2.17-1.fc37
Fix CVE-2022-22728.
libapreq2-2.17-1.el8
Fix CVE-2022-22728.
libapreq2-2.17-1.el7
Fix CVE-2022-22728.
libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().
Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications.
Server-side Request Forgery (SSRF) vulnerability in PublicCMS before 4.0.202011.b via /publiccms/admin/ueditor when the action is catchimage.
protobuf-c-1.4.1-2.fc36
Updated to version 1.4.1.
Possible authentication bypass due to improper order of signature verification and hashing in the signature verification call in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables