USN-5104-1: Squid vulnerability Lyu discovered that Squid incorrectly handled WCCP protocol data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly obtain sensitive information. Source: USN-5104-1: Squid vulnerability
USN-5103-1: docker.io vulnerability Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in Docker incorrectly allowed the docker cp command to make permissions changes in the host filesystem in some situations. A local attacker could possibly use to this to expose sensitive information or gain administrative privileges. Source: USN-5103-1: docker.io vulnerability
USN-5102-1: Mercurial vulnerabilities It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. (CVE-2019-3902) It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a denial of service and possibly execute arbitrary code. (CVE-2018-17983) Source: USN-5102-1: Mercurial vulnerabilities
USN-5101-1: MongoDB vulnerability It was discovered that MongoDB incorrectly handled certain wire protocol messages. A remote attacker could possibly use this issue to cause MongoDB to crash, resulting in a denial of service. Source: USN-5101-1: MongoDB vulnerability
USN-5100-1: containerd vulnerability It was discovered that containerd insufficiently restricted permissions on container root and plugin directories. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could traverse directory contents and modify files and execute programs on the host filesystem, possibly leading to privilege escalation. Source: USN-5100-1: containerd vulnerability
Copyright © 2025 | WordPress Theme by MH Themes
