2.9.9
(2022-08-11)
Enhancements
(ENGDTR-3220) Upgraded Synopsys scanner to version 2022.6.0.
Addressed issues
(FIELD-4537) Fixed the invalid documentation links that are embedded in MSR vulnerability scan warnings.
Security information
Updated Golang to version 1.17.13 to resolve vulnerabilities. For more information, refer to the following announcements for versions 1.17.12 and 1.17.13.
Resolved CVEs, as detailed:
| CVE | Status | Problem details from upstream |
|-----|--------|-------------------------------|
| | Resolved | ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in `convert_strings` in `tinfo/read_entry.c` in the `terminfo` library. |
| | Resolved | In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, an SQL injection vulnerability exists in the experimental `back-sql` backend to `slapd`, through an SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping. |
| | Resolved | An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The `Trunc()` and `Extract()` database functions are subject to SQL injection if untrusted data is used as a `kind`/`lookup_name` value. Applications that constrain the lookup name and kind choice to a known safe list are unaffected. |
| | Resolved | The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for `X86_64` CPUs supporting the `AVX512IFMA` instructions. This issue makes the RSA implementation with 2048-bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption, an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048-bit RSA private keys running on machines that support `AVX512IFMA` instructions of the `X86_64` architecture are affected by this issue. |
| | Resolved | In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call `mailcap.findmatch` with untrusted input (if they lack validation of user-provided file names or arguments). |
| | Resolved | A use-after-free in Busybox 1.35-x’s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the `copyvar` function. |
| | Resolved | `libcurl` would reuse a previously created connection even when a TLS or SSH-related option had been changed that should have prohibited reuse. `libcurl` keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several TLS and SSH settings were left out from the configuration match checks, making them match too easily. |
| | Resolved | `libcurl` provides the `CURLOPT_CERTINFO` option to allow applications to request details to be returned about a server’s certificate chain. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Resolved | No description is available for this CVE. |
| | Not vulnerable [1] | Authorization Bypass Through User-Controlled Key in GitHub repository `emicklei/go-restful` prior to v3.8.0. |
| | False positive | `sqclass.cpp` in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read in the core interpreter that can lead to code execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as file system functions have been disabled. An attacker might abuse this bug to target, for example, cloud services that allow customization using SquirrelScripts, or distribute malware through video games that embed a Squirrel Engine. |

[1] The issue is likely to be triggered in software that uses a CORS filter, which MSR does not.