[월:] 2020년 10월

USN-4563-1: NTP vulnerability It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer dereference into NTP. An attacker could use this vulnerability to cause a denial of service (crash). Source: USN-4563-1: NTP vulnerability

USN-4562-1: kramdown vulnerability It was discovered that kramdown insecurely handled certain crafted input. An attacker could use this vulnerability to read restricted files or execute arbitrary code. Source: USN-4562-1: kramdown vulnerability

USN-4561-1: Rack vulnerabilities It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-8161) It was discovered that Rack incorrectly validated cookies. An attacker could possibly use this issue to forge a secure cookie. (CVE-2020-8184) Source: USN-4561-1: Rack vulnerabilities