SCHUTZWERK-SA-2022-003: Remote Command Execution in Spryker Commerce OS

Read Time:20 Second

Posted by David Brown via Fulldisclosure on Jul 18

Title
=====

SCHUTZWERK-SA-2022-003: Remote Command Execution in Spryker Commerce OS

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2022-28888

Link
====

https://www.schutzwerk.com/en/43/advisories/schutzwerk-sa-2022-003/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-003.txt

Affected products/vendor
========================

Spryker Commerce OS by Spryker Systems GmbH, with…

python-zipp-0.5.1-4.el8

FEDORA-EPEL-2024-d7489f4064 Packages in this update: python-zipp-0.5.1-4.el8 Update description: Security fix for CVE-2024-5569 (rhbz#2297119) Read More

September 23, 2024

USN-7020-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

September 23, 2024

USN-7007-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

September 23, 2024

USN-6992-2: Firefox regressions

USN-6992-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...

September 23, 2024

GLSA 202409-20: curl: Multiple Vulnerabilities

Post Content Read More

September 23, 2024

GLSA 202409-07: Rust: Multiple Vulnerabilities

Post Content Read More

September 22, 2024

Quantum Computing and Cybersecurity – Preparing for a New Age of Threats

LinkedIn Pauses GenAI Training Following ICO Concerns

German Police Shutter 47 Criminal Crypto Exchanges

Friday Squid Blogging: Squid Game Season Two Teaser

Clever Social Engineering Attack Using Captchas

US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities

Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable

Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions

This Windows PowerShell Phish Has Scary Potential

SCHUTZWERK-SA-2022-003: Remote Command Execution in Spryker Commerce OS

python-zipp-0.5.1-4.el8

USN-7020-2: Linux kernel vulnerabilities

USN-7007-2: Linux kernel vulnerabilities

USN-6992-2: Firefox regressions

GLSA 202409-20: curl: Multiple Vulnerabilities

GLSA 202409-07: Rust: Multiple Vulnerabilities