CVE-2022-40083 The Echo CMS v4.8.0 had an open redirect vulnerability in the Static Handler component.
SSRF is a type of attack where the attacker tricks the victim’s web application into executing a command on the server. The command can
CVE-2022-37346 The Product Image Bulk Upload Plugin has an insufficient verification vulnerability when uploading files.
There is currently no known exploit for this issue. However, we recommend updating to version 4.1.0 or higher as soon as possible. Vulnerable
CVE-2022-21797 The joblib package before 1.2.0 is vulnerable to Arbitrary Code Execution via the pre_dispatch flag in the Parallel() class.
A user with the 'package joblib' privilege can execute arbitrary code with this flag.
Additionally, package joblib before 1.2.0 is vulnerable
CVE-2022-32831 Out-of-bounds reads are fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, and macOS Monterey 12.5.
This issue is addressed by improved handling of malformed AppleScript
CVE-2023-32832
This issue is addressed by improved handling of malformed JavaScript
CVE-2022-33681 Vulnerable to a man-in-the-middle attack due to delayed hostname verification in the Pulsar Java Client and the Pulsar Proxy.
via man-in-the-middle attacks. We encourage clients to manually validate TLS certificates against the expected hostname before accepting connections. Additionally, we recommend clients limit access to