6/24至6/30 Known Exploited Vulnerabilities Catalog(KEV)週報
- 發布單位:TWCERT/CC
- 更新日期:2024-07-15
- 點閱次數:403
- 內容說明:
CISA於6/24至6/30在Known Exploited Vulnerabilities Catalog(KEV)中發布3個已遭駭客利用之漏洞。
- 影響平台:
受影響廠商與產品名稱如下:
GeoSolutionsGroup|JAI-EXT
Linux|Kernel
Roundcube|Webmail
- 處置建議:
修補說明請參考以下官方連結:
GeoSolutionsGroup|JAI-EXT
此漏洞影響產品為開源套件,實際修補方式請參考各家廠商的說明,需要更多資訊可參考以下網址:
https://github.com/geosolutions-it/jai-ext/releases/tag/1.1.22
https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx
Linux|Kernel
此漏洞影響產品為開源套件,實際修補方式請參考各家廠商的說明,需要更多資訊可參考以下網址:
https://seclists.org/oss-sec/2022/q3/131
Roundcube|Webmail
https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12
- CVE編號:
CVE-2020-13965
CVE-2022-2586
CVE-2022-24816
相關連結
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- https://nvd.nist.gov/vuln/detail/CVE-2020-13965
- https://nvd.nist.gov/vuln/detail/CVE-2022-2586
- https://nvd.nist.gov/vuln/detail/CVE-2022-24816
- https://github.com/geosolutions-it/jai-ext/releases/tag/1.1.22
- https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx
- https://seclists.org/oss-sec/2022/q3/131
- https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12