Articles by KENNETH

About KENNETH
지락문화예술공작단
No Image

2022 NGINX State of App and API Delivery Report

2022-12-14 KENNETH 0

2022 NGINX State of App and API Delivery Report December is a natural time for reflection and introspection. As the year draws to a close, many organizations – including NGINX – are thinking about lessons learned over the past 12 months. Like us, you might be asking questions like: What insights can our data provide? What did we learn? What will we do differently and where should we keep powering forward? At NGINX, our retrospective includes analyzing the input and feedback that our community shares with us in our annual survey. In 2022, the survey both yielded surprises and confirmed trends we’d been picking up throughout the year. In this blog, we surface key insights and share the 2022 NGINX State of App and API Delivery Report. 2022 Insights Insight #1: Security (still) isn’t everybody’s job…and that’s ok. As is typical in most surveys, we [ more… ]

No Image

USN-5777-1: Pillow vulnerabilities

2022-12-13 KENNETH 0

USN-5777-1: Pillow vulnerabilities It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. (CVE-2022-24303) It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service. (CVE-2022-45198) Source: USN-5777-1: Pillow vulnerabilities

No Image

USN-5776-1: containerd vulnerabilities

2022-12-13 KENNETH 0

USN-5776-1: containerd vulnerabilities It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote attacker could possibly use this issue to cause a denial of service or crash containerd. (CVE-2022-23471, CVE-2022-31030) It was discovered that containerd incorrectly set up inheritable file capabilities. An attacker could possibly use this issue to escalate privileges inside a container. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24769) It was discovered that containerd incorrectly handled access to encrypted container images when using imgcrypt library. A remote attacker could possibly use this issue to access encrypted images from other users. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-24778) Source: USN-5776-1: containerd vulnerabilities

No Image

USN-5775-1: Vim vulnerabilities

2022-12-13 KENNETH 0

USN-5775-1: Vim vulnerabilities It was discovered that Vim uses freed memory in recurisve substitution of specially crafted patterns. An attacker could possbly use this to crash Vim and cause denial of service. (CVE-2022-2345) It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. (CVE-2022-2581) It was discovered that Vim could be made to crash when parsing invalid line numbers. An attacker could possbly use this to crash Vim and cause denial of service. (CVE-2022-3099) It was discovered that Vim uses freed memory when autocmd changes a mark. An attacker could possbly use this to crash Vim and cause denial of service. (CVE-2022-3256) It was discovered the Vim uses an incorrect array index when window width is negative. [ more… ]

[도서] 초등학생을 위한 메타버스 크리에이터 무작정 따라하기 with 제페토

2022-12-13 KENNETH 0

[도서] 초등학생을 위한 메타버스 크리에이터 무작정 따라하기 with 제페토 분야별 신상품 – 국내도서 – 컴퓨터와 인터넷 [도서]초등학생을 위한 메타버스 크리에이터 무작정 따라하기 with 제페토 송다영,이다인 공저/한의표,에이럭스 미래교육연구소 감수 | 길벗 | 2022년 12월 판매가 16,200원 (10%할인) | YES포인트 900원(5%지급) 혼자서도 척척! 초등학생을 위한 메타버스 크리에이터 무작정 따라하기 with 제페토 메타버스 기본기부터 활용까지 한 권으로! 알쏭달쏭 메타버스! 개념과 기본기를 단단히 다진 다음, 본격적으로 메타버스를 Source: [도서] 초등학생을 위한 메타버스 크리에이터 무작정 따라하기 with 제페토