Apple Security Advisory 2022-09-12-4 - macOS Monterey 12.6 addresses bypass and code execution vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-2022-09-12-4 macOS Monterey 12.6

macOS Monterey 12.6 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/HT213444.

ATS  
Available for: macOS Monterey  
Impact: An app may be able to bypass Privacy preferences  
Description: A logic issue was addressed with improved state  
management.  
CVE-2022-32902: Mickey Jin (@patch1t)

iMovie  
Available for: macOS Monterey  
Impact: A user may be able to view sensitive user information  
Description: This issue was addressed by enabling hardened runtime.  
CVE-2022-32896: Wojciech Reguła (@_r3ggi)

Kernel  
Available for: macOS Monterey  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: The issue was addressed with improved memory handling.  
CVE-2022-32911: Zweig of Kunlun Lab

Kernel  
Available for: macOS Monterey  
Impact: An app may be able to disclose kernel memory  
Description: The issue was addressed with improved memory handling.  
CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

Kernel  
Available for: macOS Monterey  
Impact: An application may be able to execute arbitrary code with  
kernel privileges. Apple is aware of a report that this issue may  
have been actively exploited.  
Description: The issue was addressed with improved bounds checks.  
CVE-2022-32917: an anonymous researcher

Maps  
Available for: macOS Monterey  
Impact: An app may be able to read sensitive location information  
Description: A logic issue was addressed with improved restrictions.  
CVE-2022-32883: Ron Masas, breakpointhq.com

MediaLibrary  
Available for: macOS Monterey  
Impact: A user may be able to elevate privileges  
Description: A memory corruption issue was addressed with improved  
input validation.  
CVE-2022-32908: an anonymous researcher

PackageKit  
Available for: macOS Monterey  
Impact: An app may be able to gain elevated privileges  
Description: A logic issue was addressed with improved state  
management.  
CVE-2022-32900: Mickey Jin (@patch1t)

Additional recognition

Identity Services  
We would like to acknowledge Joshua Jones for their assistance.

macOS Monterey 12.6 may be obtained from the Mac App Store or Apple's  
Software Downloads web site: https://support.apple.com/downloads/  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmMfdoAACgkQ4RjMIDke  
NxkI5g//SbLPARNJZkH5CzD60NB87QymxWmpvPcbPiywLpVy8Yj7CzQ21rM7cshx  
65LXO+4S5dIkWSv38lv7o+JOTuhPxnucdR9EhPN4Mjyl132S9zOylgaotp0/LZuJ  
vGOzN1LUO260VeB/4wpnWM5wQY5b16GGrIj1LJ1knKKNB05/JdBEHC0fXhPgIZ0A  
fOcQzNVaeySayjx4mariluq0GBXKQ9ELPEhS+z1XCEg6Rw1NLS0cC1mhGoXojRYF  
Bij2De+JBEFqtGTo4ceN52yBmUj4UF11zJPl3fybJIM1dmkRd0/7PpsqJmEiASWr  
cmCsY4DiMbFVPnpHKv8dkt4dNseejGntpEsHljlq6rATLSbGkTowwRtaF8QtgZzT  
wS3mAWlit6vjiMQlgMVLnDk72IGVqaIcu2JmIJtfLFDgXPctO64ZAvbWDPeCyNfe  
+6hnVv/sWzFh6dHh+kJYwDrMIxZnFZuZD1NzaHqxEPKUY9CdK8GhNzwVfOPzlP3U  
TfOaZGuyudXKn7k04ItHBPtq5P+oYDPDlfIzeP8n+WYLbUCP+a1A8yrqQnQuY1Rs  
N3cz70al/9ogGzamSCIe0jQxGrVaMgvd8GEDK9GnksRxd0vJl/rMm05wruOyv2pD  
gEhw6ZdE97icESMAOvPMjIR0eANuiK6vgyrg+GRn2RSqLpsr1VM=  
=qtyT  
-----END PGP SIGNATURE-----

Apple Security Advisory 2022-09-12-4

Red Hat Security Advisory 2022-6447-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: ruby:2.7 security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:6447-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6447  
Issue date:        2022-09-13  
CVE Names:         CVE-2021-41817 CVE-2021-41819 CVE-2022-28739   
=====================================================================

1. Summary:

An update for the ruby:2.7 module is now available for Red Hat Enterprise  
Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It  
has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby  
(2.7.6). (BZ#2109424)

Security Fix(es):

* ruby: Regular expression denial of service vulnerability of Date parsing  
methods (CVE-2021-41817)

* ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)

* Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2025104 - CVE-2021-41817 ruby: Regular expression denial of service vulnerability of Date parsing methods  
2026757 - CVE-2021-41819 ruby: Cookie prefix spoofing in CGI::Cookie.parse  
2075687 - CVE-2022-28739 Ruby: Buffer overrun in String-to-Float conversion  
2109424 - ruby:2.7/ruby: Rebase to the latest Ruby 2.7 release [rhel-8] [rhel-8.6.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
ruby-2.7.6-138.module+el8.6.0+16148+54b2ba8f.src.rpm  
rubygem-abrt-0.4.0-1.module+el8.3.0+7192+4e3a532a.src.rpm  
rubygem-bson-4.8.1-1.module+el8.3.0+7192+4e3a532a.src.rpm  
rubygem-mongo-2.11.3-1.module+el8.3.0+7192+4e3a532a.src.rpm  
rubygem-mysql2-0.5.3-1.module+el8.3.0+7192+4e3a532a.src.rpm  
rubygem-pg-1.2.3-1.module+el8.3.0+7192+4e3a532a.src.rpm

aarch64:  
ruby-2.7.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
ruby-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
ruby-debugsource-2.7.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
ruby-devel-2.7.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
ruby-libs-2.7.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
ruby-libs-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-bigdecimal-2.0.0-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-bigdecimal-debuginfo-2.0.0-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-bson-4.8.1-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-bson-debuginfo-4.8.1-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-bson-debugsource-4.8.1-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-io-console-0.5.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-io-console-debuginfo-0.5.6-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-json-2.3.0-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-json-debuginfo-2.3.0-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-mysql2-0.5.3-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-openssl-2.1.3-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-openssl-debuginfo-2.1.3-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-pg-1.2.3-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.3.0+7192+4e3a532a.aarch64.rpm  
rubygem-psych-3.1.0-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm  
rubygem-psych-debuginfo-3.1.0-138.module+el8.6.0+16148+54b2ba8f.aarch64.rpm

noarch:  
ruby-default-gems-2.7.6-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
ruby-doc-2.7.6-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-abrt-0.4.0-1.module+el8.3.0+7192+4e3a532a.noarch.rpm  
rubygem-abrt-doc-0.4.0-1.module+el8.3.0+7192+4e3a532a.noarch.rpm  
rubygem-bson-doc-4.8.1-1.module+el8.3.0+7192+4e3a532a.noarch.rpm  
rubygem-bundler-2.2.24-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-irb-1.2.6-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-minitest-5.13.0-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-mongo-2.11.3-1.module+el8.3.0+7192+4e3a532a.noarch.rpm  
rubygem-mongo-doc-2.11.3-1.module+el8.3.0+7192+4e3a532a.noarch.rpm  
rubygem-mysql2-doc-0.5.3-1.module+el8.3.0+7192+4e3a532a.noarch.rpm  
rubygem-net-telnet-0.2.0-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-pg-doc-1.2.3-1.module+el8.3.0+7192+4e3a532a.noarch.rpm  
rubygem-power_assert-1.1.7-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-rake-13.0.1-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-rdoc-6.2.1.1-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-test-unit-3.3.4-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygem-xmlrpc-0.3.0-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygems-3.1.6-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm  
rubygems-devel-3.1.6-138.module+el8.6.0+16148+54b2ba8f.noarch.rpm

ppc64le:  
ruby-2.7.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
ruby-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
ruby-debugsource-2.7.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
ruby-devel-2.7.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
ruby-libs-2.7.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
ruby-libs-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-bigdecimal-2.0.0-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-bigdecimal-debuginfo-2.0.0-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-bson-4.8.1-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-bson-debuginfo-4.8.1-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-bson-debugsource-4.8.1-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-io-console-0.5.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-io-console-debuginfo-0.5.6-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-json-2.3.0-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-json-debuginfo-2.3.0-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-mysql2-0.5.3-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-openssl-2.1.3-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-openssl-debuginfo-2.1.3-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-pg-1.2.3-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.3.0+7192+4e3a532a.ppc64le.rpm  
rubygem-psych-3.1.0-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm  
rubygem-psych-debuginfo-3.1.0-138.module+el8.6.0+16148+54b2ba8f.ppc64le.rpm

s390x:  
ruby-2.7.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
ruby-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
ruby-debugsource-2.7.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
ruby-devel-2.7.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
ruby-libs-2.7.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
ruby-libs-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-bigdecimal-2.0.0-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-bigdecimal-debuginfo-2.0.0-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-bson-4.8.1-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-bson-debuginfo-4.8.1-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-bson-debugsource-4.8.1-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-io-console-0.5.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-io-console-debuginfo-0.5.6-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-json-2.3.0-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-json-debuginfo-2.3.0-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-mysql2-0.5.3-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-openssl-2.1.3-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-openssl-debuginfo-2.1.3-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-pg-1.2.3-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.3.0+7192+4e3a532a.s390x.rpm  
rubygem-psych-3.1.0-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm  
rubygem-psych-debuginfo-3.1.0-138.module+el8.6.0+16148+54b2ba8f.s390x.rpm

x86_64:  
ruby-2.7.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
ruby-2.7.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
ruby-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
ruby-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
ruby-debugsource-2.7.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
ruby-debugsource-2.7.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
ruby-devel-2.7.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
ruby-devel-2.7.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
ruby-libs-2.7.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
ruby-libs-2.7.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
ruby-libs-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
ruby-libs-debuginfo-2.7.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-bigdecimal-2.0.0-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-bigdecimal-2.0.0-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-bigdecimal-debuginfo-2.0.0-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-bigdecimal-debuginfo-2.0.0-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-bson-4.8.1-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-bson-debuginfo-4.8.1-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-bson-debugsource-4.8.1-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-io-console-0.5.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-io-console-0.5.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-io-console-debuginfo-0.5.6-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-io-console-debuginfo-0.5.6-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-json-2.3.0-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-json-2.3.0-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-json-debuginfo-2.3.0-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-json-debuginfo-2.3.0-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-mysql2-0.5.3-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-openssl-2.1.3-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-openssl-2.1.3-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-openssl-debuginfo-2.1.3-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-openssl-debuginfo-2.1.3-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-pg-1.2.3-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.3.0+7192+4e3a532a.x86_64.rpm  
rubygem-psych-3.1.0-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-psych-3.1.0-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm  
rubygem-psych-debuginfo-3.1.0-138.module+el8.6.0+16148+54b2ba8f.i686.rpm  
rubygem-psych-debuginfo-3.1.0-138.module+el8.6.0+16148+54b2ba8f.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-41817  
https://access.redhat.com/security/cve/CVE-2021-41819  
https://access.redhat.com/security/cve/CVE-2022-28739  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyCB8tzjgjWX9erEAQgejg/+OH6Jsb1IZAFisrfV/6nIZOkFqhSKpzNf  
4VhuC22aesYUEWvSip2jHbFeGVkuI+iqieKPGLr6qHxZ4m8gt5EC8Ti8L6RbJ6rx  
W0/JZBalDZDLbsZJrbAH3EoP5WOQ1DYY+FTXaQNX4Yf2VIhTTFFtBXrYumtikkcW  
K8u1qT6v3rhdysSwJc+SZi0X2AVQrTRrRXjN4ozsypJvyAkOQRYB+v79YSNVK80q  
KF/4U76ohYBx5pbzHW+Vqf8ZMBaGuseXFbcgcqlWUC4n8pKNo06pcof5+nkMYM2Z  
tPieoq7AYs9f0zeVi39kkqhyXDPCZhCxcCaBepSAFAEUil6Pib7yWA+AA/FsITC6  
Zvyn9ALA25XrUeeUAH8VngWWpJH6vcYxJe2AzkPXYoGEdgNhVgpnmdLWVkd80VSG  
ASEnPstIqYUGNR4Y1rTTy6DuvlFBlLfbwntfq1FtlXiScpvpQ8sJ+cquE4UaxWc2  
ifggdPHVHILtNFom3hDNx1l89v2bOLhS6/1DgqRKUq/J1zvHx61rCqxZ1pwh3U23  
rX2UPZ7oFlZCN2g884wLUJFPbJEs8di/0MTm6bdka27O1SP0h6d9vhZ4O69L8/BP  
GdtDZBe0TchUf+Zr0mAf7k0Mb66XH9/8oru+iEMq0tky97EVOpmbzbrYiOYdrJ4Y  
kP56IuEnZFk=  
=Mwlx  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6447-01

Red Hat Security Advisory 2022-6450-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service, double free, and spoofing vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: ruby:3.0 security, bug fix, and enhancement update  
Advisory ID:       RHSA-2022:6450-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:6450  
Issue date:        2022-09-13  
CVE Names:         CVE-2021-41817 CVE-2021-41819 CVE-2022-28738   
                   CVE-2022-28739   
=====================================================================

1. Summary:

An update for the ruby:3.0 module is now available for Red Hat Enterprise  
Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Ruby is an extensible, interpreted, object-oriented, scripting language. It  
has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: ruby  
(3.0.4). (BZ#2109431)

Security Fix(es):

* ruby: Regular expression denial of service vulnerability of Date parsing  
methods (CVE-2021-41817)

* ruby: Cookie prefix spoofing in CGI::Cookie.parse (CVE-2021-41819)

* Ruby: Double free in Regexp compilation (CVE-2022-28738)

* Ruby: Buffer overrun in String-to-Float conversion (CVE-2022-28739)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* ruby 3.0: User-installed rubygems plugins are not being loaded [RHEL8]  
(BZ#2110981)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2025104 - CVE-2021-41817 ruby: Regular expression denial of service vulnerability of Date parsing methods  
2026757 - CVE-2021-41819 ruby: Cookie prefix spoofing in CGI::Cookie.parse  
2075685 - CVE-2022-28738 Ruby: Double free in Regexp compilation  
2075687 - CVE-2022-28739 Ruby: Buffer overrun in String-to-Float conversion  
2109431 - ruby:3.0/ruby: Rebase to the latest Ruby 3.0 release [rhel-8] [rhel-8.6.0.z]  
2110981 - ruby 3.0: User-installed rubygems plugins are not being loaded [RHEL8] [rhel-8.6.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
ruby-3.0.4-141.module+el8.6.0+16311+3e5e17e9.src.rpm  
rubygem-abrt-0.4.0-1.module+el8.5.0+11580+845038eb.src.rpm  
rubygem-mysql2-0.5.3-1.module+el8.5.0+11580+845038eb.src.rpm  
rubygem-pg-1.2.3-1.module+el8.5.0+11580+845038eb.src.rpm

aarch64:  
ruby-3.0.4-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
ruby-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
ruby-debugsource-3.0.4-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
ruby-devel-3.0.4-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
ruby-libs-3.0.4-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
ruby-libs-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-bigdecimal-3.0.0-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-bigdecimal-debuginfo-3.0.0-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-io-console-0.5.7-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-io-console-debuginfo-0.5.7-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-json-2.5.1-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-json-debuginfo-2.5.1-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-mysql2-0.5.3-1.module+el8.5.0+11580+845038eb.aarch64.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.5.0+11580+845038eb.aarch64.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.5.0+11580+845038eb.aarch64.rpm  
rubygem-pg-1.2.3-1.module+el8.5.0+11580+845038eb.aarch64.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.5.0+11580+845038eb.aarch64.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.5.0+11580+845038eb.aarch64.rpm  
rubygem-psych-3.3.2-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm  
rubygem-psych-debuginfo-3.3.2-141.module+el8.6.0+16311+3e5e17e9.aarch64.rpm

noarch:  
ruby-default-gems-3.0.4-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
ruby-doc-3.0.4-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-abrt-0.4.0-1.module+el8.5.0+11580+845038eb.noarch.rpm  
rubygem-abrt-doc-0.4.0-1.module+el8.5.0+11580+845038eb.noarch.rpm  
rubygem-bundler-2.2.33-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-irb-1.3.5-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-minitest-5.14.2-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-mysql2-doc-0.5.3-1.module+el8.5.0+11580+845038eb.noarch.rpm  
rubygem-pg-doc-1.2.3-1.module+el8.5.0+11580+845038eb.noarch.rpm  
rubygem-power_assert-1.2.0-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-rake-13.0.3-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-rbs-1.4.0-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-rdoc-6.3.3-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-rexml-3.2.5-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-rss-0.2.9-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-test-unit-3.3.7-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygem-typeprof-0.15.2-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygems-3.2.33-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm  
rubygems-devel-3.2.33-141.module+el8.6.0+16311+3e5e17e9.noarch.rpm

ppc64le:  
ruby-3.0.4-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
ruby-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
ruby-debugsource-3.0.4-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
ruby-devel-3.0.4-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
ruby-libs-3.0.4-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
ruby-libs-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-bigdecimal-3.0.0-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-bigdecimal-debuginfo-3.0.0-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-io-console-0.5.7-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-io-console-debuginfo-0.5.7-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-json-2.5.1-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-json-debuginfo-2.5.1-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-mysql2-0.5.3-1.module+el8.5.0+11580+845038eb.ppc64le.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.5.0+11580+845038eb.ppc64le.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.5.0+11580+845038eb.ppc64le.rpm  
rubygem-pg-1.2.3-1.module+el8.5.0+11580+845038eb.ppc64le.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.5.0+11580+845038eb.ppc64le.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.5.0+11580+845038eb.ppc64le.rpm  
rubygem-psych-3.3.2-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm  
rubygem-psych-debuginfo-3.3.2-141.module+el8.6.0+16311+3e5e17e9.ppc64le.rpm

s390x:  
ruby-3.0.4-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
ruby-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
ruby-debugsource-3.0.4-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
ruby-devel-3.0.4-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
ruby-libs-3.0.4-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
ruby-libs-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-bigdecimal-3.0.0-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-bigdecimal-debuginfo-3.0.0-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-io-console-0.5.7-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-io-console-debuginfo-0.5.7-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-json-2.5.1-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-json-debuginfo-2.5.1-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-mysql2-0.5.3-1.module+el8.5.0+11580+845038eb.s390x.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.5.0+11580+845038eb.s390x.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.5.0+11580+845038eb.s390x.rpm  
rubygem-pg-1.2.3-1.module+el8.5.0+11580+845038eb.s390x.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.5.0+11580+845038eb.s390x.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.5.0+11580+845038eb.s390x.rpm  
rubygem-psych-3.3.2-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm  
rubygem-psych-debuginfo-3.3.2-141.module+el8.6.0+16311+3e5e17e9.s390x.rpm

x86_64:  
ruby-3.0.4-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
ruby-3.0.4-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
ruby-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
ruby-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
ruby-debugsource-3.0.4-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
ruby-debugsource-3.0.4-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
ruby-devel-3.0.4-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
ruby-devel-3.0.4-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
ruby-libs-3.0.4-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
ruby-libs-3.0.4-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
ruby-libs-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
ruby-libs-debuginfo-3.0.4-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-bigdecimal-3.0.0-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-bigdecimal-3.0.0-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-bigdecimal-debuginfo-3.0.0-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-bigdecimal-debuginfo-3.0.0-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-io-console-0.5.7-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-io-console-0.5.7-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-io-console-debuginfo-0.5.7-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-io-console-debuginfo-0.5.7-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-json-2.5.1-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-json-2.5.1-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-json-debuginfo-2.5.1-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-json-debuginfo-2.5.1-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-mysql2-0.5.3-1.module+el8.5.0+11580+845038eb.x86_64.rpm  
rubygem-mysql2-debuginfo-0.5.3-1.module+el8.5.0+11580+845038eb.x86_64.rpm  
rubygem-mysql2-debugsource-0.5.3-1.module+el8.5.0+11580+845038eb.x86_64.rpm  
rubygem-pg-1.2.3-1.module+el8.5.0+11580+845038eb.x86_64.rpm  
rubygem-pg-debuginfo-1.2.3-1.module+el8.5.0+11580+845038eb.x86_64.rpm  
rubygem-pg-debugsource-1.2.3-1.module+el8.5.0+11580+845038eb.x86_64.rpm  
rubygem-psych-3.3.2-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-psych-3.3.2-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm  
rubygem-psych-debuginfo-3.3.2-141.module+el8.6.0+16311+3e5e17e9.i686.rpm  
rubygem-psych-debuginfo-3.3.2-141.module+el8.6.0+16311+3e5e17e9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-41817  
https://access.redhat.com/security/cve/CVE-2021-41819  
https://access.redhat.com/security/cve/CVE-2022-28738  
https://access.redhat.com/security/cve/CVE-2022-28739  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBYyCB39zjgjWX9erEAQhxWw/+KSmwOTYjC11C1DDOcN3gyX3jVPdq04pL  
SEeobwoattaVo7kvVHRMFncpWiqrGY4j2V7vEFUh0ejKF8PxSVBYwxB+NfNmD2V3  
l8XEaFGq0/l8GHBFEc2IqAP4wmXhECxE3nI2eaOBm0FYlQIHnw9vmvck0uxelZQ5  
MoNLPMmq5X3tD6E8bbJvg0JbkemcQF8Q6tfKlAHIsvsc4cthCNcTPa8gyN1uXH+0  
pEG5MMxRC+06lTStqQVKbbyVSDmHoaQBjXhNo9NROlgkvqwLAhrWZzDMLs/4d7fS  
3Cy/p80vWpVg56M3oPIY4OMfMgNwrLwfLqCJWFA0IcdYhffClzorMiCs85MteWQA  
zYZoaKFOf0m38TD1yTOtjcXoHrtbLfXsnQFu5R08SyBCj7ppI1IUE8rCHvNtDnCp  
CQke/GAHoNeFBppAsfseDkOndutSipImmygGhX05QI5gvRC3/Cz/nAvZX9TpNia5  
SlVsO8w9XJIvtbcLjOkHBjFuGpZ71bHNBOqveRkfuE6q3W6TXKpqhTlkipdrb41L  
6nuJKNm89/Hi++5RKmv6YJRDfLr86K9StCBtrvEqgV9XTt6ppwEI/0uzbVFhPtVi  
i1dh8XruZEtAMUqUToc3jj4gGZgn9deXfNgZxp1phVMjKq1CRpG965xCM3yE9iPV  
4jmxeiFCqp0=  
=YJLI  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-6450-01

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module.

\# -\*- coding: UTF-8 -\*- from django.urls import path from django.views.i18n import JavaScriptCatalog import sql.instance\_database import sql.query\_privileges import sql.sql\_optimize from common import auth, config, workflow, dashboard, check from common.twofa import totp from sql import views, sql\_workflow, sql\_analyze, query, slowlog, instance, instance\_account, db\_diagnostic, \\ resource\_group, binlog, data\_dictionary, archiver, audit\_log, user from sql.utils import tasks from common.utils import ding\_api urlpatterns \= \[ path('', views.index), path('jsi18n/', JavaScriptCatalog.as\_view(), name\='javascript-catalog'), path('index/', views.index), path('login/', views.login, name\='login'), path('login/2fa/', views.twofa, name\='twofa'), path('logout/', auth.sign\_out), path('signup/', auth.sign\_up), path('sqlworkflow/', views.sqlworkflow), path('submitsql/', views.submit\_sql), path('editsql/', views.submit\_sql), path('submitotherinstance/', views.submit\_sql), path('detail/<int:workflow\_id>/', views.detail, name\='detail'), path('autoreview/', sql\_workflow.submit), path('passed/', sql\_workflow.passed), path('execute/', sql\_workflow.execute), path('timingtask/', sql\_workflow.timing\_task), path('alter\_run\_date/', sql\_workflow.alter\_run\_date), path('cancel/', sql\_workflow.cancel), path('rollback/', views.rollback), path('sqlanalyze/', views.sqlanalyze), path('sqlquery/', views.sqlquery), path('slowquery/', views.slowquery), path('sqladvisor/', views.sqladvisor), path('slowquery\_advisor/', views.sqladvisor), path('queryapplylist/', views.queryapplylist), path('queryapplydetail/<int:apply\_id>/', views.queryapplydetail, name\='queryapplydetail'), path('queryuserprivileges/', views.queryuserprivileges), path('dbdiagnostic/', views.dbdiagnostic), path('workflow/', views.workflows), path('workflow/<int:audit\_id>/', views.workflowsdetail), path('dbaprinciples/', views.dbaprinciples), path('dashboard/', dashboard.pyecharts), path('group/', views.group), path('grouprelations/<int:group\_id>/', views.groupmgmt), path('instance/', views.instance), path('instanceaccount/', views.instanceaccount), path('database/', views.database), path('instanceparam/', views.instance\_param), path('binlog2sql/', views.binlog2sql), path('my2sql/', views.my2sql), path('schemasync/', views.schemasync), path('archive/', views.archive), path('archive/<int:id>/', views.archive\_detail, name\='archive\_detail'), path('config/', views.config), path('audit/', views.audit), path('audit\_sqlquery/', views.audit\_sqlquery), path('audit\_sqlworkflow/', views.audit\_sqlworkflow), path('authenticate/', auth.authenticate\_entry), path('sqlworkflow\_list/', sql\_workflow.sql\_workflow\_list), path('sqlworkflow\_list\_audit/', sql\_workflow.sql\_workflow\_list\_audit), path('sqlworkflow/detail\_content/', sql\_workflow.detail\_content), path('sqlworkflow/backup\_sql/', sql\_workflow.backup\_sql), path('simplecheck/', sql\_workflow.check), path('getWorkflowStatus/', sql\_workflow.get\_workflow\_status), path('del\_sqlcronjob/', tasks.del\_schedule), path('inception/osc\_control/', sql\_workflow.osc\_control), path('sql\_analyze/generate/', sql\_analyze.generate), path('sql\_analyze/analyze/', sql\_analyze.analyze), path('workflow/list/', workflow.lists), path('workflow/log/', workflow.log), path('config/change/', config.change\_config), path('check/inception/', check.inception), path('check/go\_inception/', check.go\_inception), path('check/email/', check.email), path('check/instance/', check.instance), path('group/group/', resource\_group.group), path('group/addrelation/', resource\_group.addrelation), path('group/relations/', resource\_group.associated\_objects), path('group/instances/', resource\_group.instances), path('group/unassociated/', resource\_group.unassociated\_objects), path('group/auditors/', resource\_group.auditors), path('group/changeauditors/', resource\_group.changeauditors), path('group/user\_all\_instances/', resource\_group.user\_all\_instances), path('instance/list/', instance.lists), path('instance/user/list', instance\_account.users), path('instance/user/create/', instance\_account.create), path('instance/user/edit/', instance\_account.edit), path('instance/user/grant/', instance\_account.grant), path('instance/user/reset\_pwd/', instance\_account.reset\_pwd), path('instance/user/lock/', instance\_account.lock), path('instance/user/delete/', instance\_account.delete), path('instance/database/list/', sql.instance\_database.databases), path('instance/database/create/', sql.instance\_database.create), path('instance/database/edit/', sql.instance\_database.edit), path('instance/schemasync/', instance.schemasync), path('instance/instance\_resource/', instance.instance\_resource), path('instance/describetable/', instance.describe), path('data\_dictionary/', views.data\_dictionary), path('data\_dictionary/table\_list/', data\_dictionary.table\_list), path('data\_dictionary/table\_info/', data\_dictionary.table\_info), path('data\_dictionary/export/', data\_dictionary.export), path('param/list/', instance.param\_list), path('param/history/', instance.param\_history), path('param/edit/', instance.param\_edit), path('query/', query.query), path('query/querylog/', query.querylog), path('query/querylog\_audit/', query.querylog\_audit), path('query/favorite/', query.favorite), path('query/explain/', sql.sql\_optimize.explain), path('query/applylist/', sql.query\_privileges.query\_priv\_apply\_list), path('query/userprivileges/', sql.query\_privileges.user\_query\_priv), path('query/applyforprivileges/', sql.query\_privileges.query\_priv\_apply), path('query/modifyprivileges/', sql.query\_privileges.query\_priv\_modify), path('query/privaudit/', sql.query\_privileges.query\_priv\_audit), path('binlog/list/', binlog.binlog\_list), path('binlog/binlog2sql/', binlog.binlog2sql), path('binlog/my2sql/', binlog.my2sql), path('binlog/del\_log/', binlog.del\_binlog), path('slowquery/review/', slowlog.slowquery\_review), path('slowquery/review\_history/', slowlog.slowquery\_review\_history), path('slowquery/optimize\_sqladvisor/', sql.sql\_optimize.optimize\_sqladvisor), path('slowquery/optimize\_sqltuning/', sql.sql\_optimize.optimize\_sqltuning), path('slowquery/optimize\_soar/', sql.sql\_optimize.optimize\_soar), path('slowquery/optimize\_sqltuningadvisor/', sql.sql\_optimize.optimize\_sqltuningadvisor), path('slowquery/report/', slowlog.report), path('db\_diagnostic/process/', db\_diagnostic.process), path('db\_diagnostic/create\_kill\_session/', db\_diagnostic.create\_kill\_session), path('db\_diagnostic/kill\_session/', db\_diagnostic.kill\_session), path('db\_diagnostic/tablesapce/', db\_diagnostic.tablesapce), path('db\_diagnostic/trxandlocks/', db\_diagnostic.trxandlocks), path('db\_diagnostic/innodb\_trx/', db\_diagnostic.innodb\_trx), path('archive/list/', archiver.archive\_list), path('archive/apply/', archiver.archive\_apply), path('archive/audit/', archiver.archive\_audit), path('archive/switch/', archiver.archive\_switch), path('archive/once/', archiver.archive\_once), path('archive/log/', archiver.archive\_log), path('4admin/sync\_ding\_user/', ding\_api.sync\_ding\_user), path('audit/log/', audit\_log.audit\_log), path('audit/input/', audit\_log.audit\_input), path('user/list/', user.lists), path('user/qrcode/<str:data>/', totp.generate\_qrcode), \]

CVE-2022-38538: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply.

CVE-2022-38539: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.4.5 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_file, end_file, start_time, and stop_time parameters in the binlog2sql interface.

CVE-2022-38537: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.8.3 to v1.8.5 was discovered to contain multiple SQL injection vulnerabilities via the start_time and stop_time parameters in the my2sql interface.

CVE-2022-38541: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the create_kill_session interface.

CVE-2022-38540: Archery/urls.py at v1.8.5 · hhyo/Archery

Archery v1.4.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the ThreadIDs parameter in the kill_session interface.

CVE-2022-38542: Archery/urls.py at v1.8.5 · hhyo/Archery

SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /feegroups/tgrt_group.jsf.

An attacker requires an account on the SmartVista SVFE2. An attacker can use a quote character to break query string and inject sql payload to "UserForm:j\_id90" parameter (Description) in /SVFE2/pages/feegroups/tgrt\_group.jsf. Response data could help an attacker identify whether an injected SQL query is correct or not.

Tag

#sql