A logged-in and authenticated user with a Reviewer Role may lock a content item.
Category Archives: Advisories
CVE-2021-23266
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.
CVE-2021-23267
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.
USN-5422-1: libxml2 vulnerabilities
Shinji Sato discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2022-23308)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-29824)
CVE-2021-25119
The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE
USN-5421-1: LibTIFF vulnerabilities
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-35522)
Chintan Shah discovered that LibTIFF incorrectly handled memory when
handling certain images. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891)
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2022-0865)
plantuml-1.2022.5-1.el9
FEDORA-EPEL-2022-a0a3d90422
Packages in this update:
plantuml-1.2022.5-1.el9
Update description:
Security fix for CVE-2022-1379
Updated version to 1.2022.4
plantuml-1.2022.5-1.fc36
FEDORA-2022-e6c09a89eb
Packages in this update:
plantuml-1.2022.5-1.fc36
Update description:
Security fix for CVE-2022-1379
plib-1.8.5-30.fc36
FEDORA-2022-08022e9452
Packages in this update:
plib-1.8.5-30.fc36
Update description:
Security fix for CVE-2021-38714
plib-1.8.5-30.fc34
FEDORA-2022-1cf3c9578f
Packages in this update:
plib-1.8.5-30.fc34
Update description:
Security fix for CVE-2021-38714