Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.

CVE-2022-27937: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.

CVE-2022-26656: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

CVE-2022-27928: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.

CVE-2022-25357: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.

CVE-2022-27934: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.

CVE-2022-27929: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP.

CVE-2022-26654: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.

CVE-2022-27935: Pexip security bulletins | Pexip Infinity Docs

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.

**Unauthenticated Remote Code Execution via ssl\_cert Upload**

Critical

Aidaho12 published GHSA-pg3w-8p63-x483

Jul 6, 2022

**Package**

options.py (Roxy-WI)

**Affected versions**

< 6.1.1.0

**Description**

**Impact**

A vulnerability in Roxy-wi allows a remote, unauthenticated attacker to code execution by sending a specially crafted HTTP request to /app/options.py file via **upload** function. This affects Roxy-wi versions before 6.1.0.

**Patches**

in 6.1.1.0 version

**Severity**

**CVSS base metrics**

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L

**Weaknesses**

CVE-2022-31161

Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes.

**Dmitri Shuralyov**

unread,

Jun 1, 2022, 11:00:01 PMJun 1

to golan...@googlegroups.com

Hello gophers,

We have just released Go versions 1.18.3 and 1.17.11, minor point releases.

These minor releases include 4 security fixes following the security policy:

*   crypto/rand: rand.Read hangs with extremely large buffers
    
    On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 << 32 - 1 bytes.
    
    Thanks to Davis Goodin and Quim Muntal, working at Microsoft on the Go toolset, for reporting this issue.
    
    This is CVE-2022-30634 and Go issue https://go.dev/issue/52561.
    

*   crypto/tls: session tickets lack random ticket\_age\_add
    
    Session tickets generated by crypto/tls did not contain a randomly generated ticket\_age\_add. This allows an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
    
    Thanks to GitHub user @nervuri for reporting this.
    
    This is CVE-2022-30629 and Go issue https://go.dev/issue/52814.
    

*   os/exec: empty Cmd.Path can result in running unintended binary on Windows
    
    If, on Windows, Cmd.Run, cmd.Start, cmd.Output, or cmd.CombinedOutput are executed when Cmd.Path is unset and, in the working directory, there are binaries named either "..com" or "..exe", they will be executed.
    
    Thanks to Chris Darroch (chris...@github.com), brian m. carlson (bk2...@github.com), and Mikhail Shcherbakov (https://twitter.com/yu5k3) for reporting this.
    
    This is CVE-2022-30580 and Go issue https://go.dev/issue/52574.
    

*   path/filepath: Clean(\`.\\c:\`) returns \`c:\` on Windows
    
    On Windows, the filepath.Clean function could convert an invalid path to a valid, absolute path. For example, Clean(\`.\\c:\`) returned \`c:\`.
    
    Thanks to Unrud for reporting this issue.
    
    This is CVE-2022-29804 and Go issue https://go.dev/issue/52476.
    

View the release notes for more information:  
https://go.dev/doc/devel/release#go1.18.minor

You can download binary and source distributions from the Go web site:  
https://go.dev/dl/

To compile from source using a Git clone, update to the release with  
"git checkout go1.18.3" and build as usual.

Thanks to everyone who contributed to the releases.

Cheers,  
Dmitri and Alex for the Go team

Tag

#ssl