USN-5896-1: Rack vulnerabilities

Read Time:36 Second

It was discovered that Rack was not properly parsing data when processing
multipart POST requests. If a user or automated system were tricked into
sending a specially crafted multipart POST request to an application using
Rack, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2022-30122)

It was discovered that Rack was not properly escaping untrusted data when
performing logging operations, which could cause shell escaped sequences
to be written to a terminal. If a user or automated system were tricked
into sending a specially crafted request to an application using Rack, a
remote attacker could possibly use this issue to execute arbitrary code in
the machine running the application. (CVE-2022-30123)

Trump CISA Cuts Threaten US Election Integrity, Experts Warn

Morphing Meerkat PhaaS Platform Spoofs 100+ Brands

AIs as Trusted Third Parties

CoffeeLoader Malware Loader Linked to SmokeLoader Operations

When Getting Phished Puts You in Mortal Danger

PJobRAT Malware Targets Users in Taiwan via Fake Apps

No MFA? Expect Hefty Fines, UK’s ICO Warns

Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US

A Taxonomy of Adversarial Machine Learning Attacks and Mitigations

USN-7387-2: Linux kernel (FIPS) vulnerabilities

USN-7387-3: Linux kernel (Real-time) vulnerabilities

USN-7390-1: Linux kernel (Xilinx ZynqMP) vulnerabilities

USN-7389-1: Linux kernel (NVIDIA Tegra) vulnerabilities

ghostscript-10.02.1-14.fc40

ghostscript-10.03.1-5.fc41