Ọtụtụ adịghị ike achọpụtara nso nso a:
- Ọdịmma atọ dị na sistemụ arụmọrụ kọmputa na-enyere aka na LibreCAD n'efu yana ọbá akwụkwọ libdxfrw nke na-enye gị ohere ịkpalite oke njupụta nke na-achịkwa wee nwee ike nweta mmebe koodu mgbe imepe faịlụ DWG na DXF ahaziri iche. Edozila nsogbu ndị a naanị n'ụdị patches (CVE-2021-21898, CVE-2021-21899, CVE-2021-21900).
- Ihe ọghọm (CVE-2021-41817) na usoro Date.parse enyere na ọba akwụkwọ ọkọlọtọ Ruby. Enwere ike iji ntụpọ dị n'okwu a na-ejikarị akọwa ụbọchị na usoro Date.parse iji mee mwakpo DoS, na-ebute oriri nke nnukwu akụrụngwa CPU yana oriri ebe nchekwa mgbe ị na-ahazi data ahaziri ahazi.
- Ihe ọghọm dị na ikpo okwu mmụta igwe TensorFlow (CVE-2021-41228), nke na-enye ohere ka emee koodu mgbe nchekwa_model_cli utility na-eme ihe ndị na-awakpo data gafere na “-input_emples” paramita. Nsogbu a na-ebute site na iji data mpụga mgbe ị na-akpọ koodu na ọrụ "eval". A na-edozi okwu ahụ na mwepụta nke TensorFlow 2.7.0, TensorFlow 2.6.1, TensorFlow 2.5.2, na TensorFlow 2.4.4.
- Ọdịmma (CVE-2021-43331) na sistemụ njikwa nzipu ozi GNU nke sitere na njikwa na-ezighi ezi nke ụfọdụ ụdị URL. Nsogbu a na-enye gị ohere ịhazi mmebe nke koodu Javascript site na ịkọwa URL ahaziri ahazi na ibe ntọala. Achọpụtakwara okwu ọzọ na Mailman (CVE-2021-43332), nke na-enye onye ọrụ ikike ikike ịkọwapụta paswọọdụ nchịkwa. Edozila nsogbu ndị a na ntọhapụ Mailman 2.1.36.
- Usoro adịghị ike dị na onye na-edezi ederede Vim nke nwere ike iduga na-ebufe oke na nwere ike igbu koodu onye na-awakpo mgbe ị na-emepe faịlụ ndị emepụtara pụrụ iche site na nhọrọ "-S" (CVE-2021-3903, CVE-2021-3872, CVE-2021 -3927, CVE -2021-3928, mmezi - 1, 2, 3, 4).
isi: opennet.ru