O nisi o fa'aletonu na iloa talu ai nei:
- Tolu fa'aletonu i le freeCAD fa'akomepiuta fesoasoani polokalama ma le faletusi libdxfrw lea e mafai ai ona e fa'aosoina se fa'amama fa'atonutonu ma mafai ona ausia le fa'atinoina o tulafono pe a tatala fa'apitoa fa'atulagaina faila DWG ma DXF. O faʻafitauli ua faʻamautuina i le taimi nei i le tulaga o patches (CVE-2021-21898, CVE-2021-21899, CVE-2021-21900).
- O se fa'aletonu (CVE-2021-41817) i le Date.parse metotia o lo'o tu'uina atu i le faletusi masani a Ruby. O faʻaletonu i faʻamatalaga masani e faʻaaogaina e faʻavasega ai aso i le Date.parse metotia e mafai ona faʻaaogaina e faʻataunuʻu ai osofaʻiga a le DoS, e mafua ai le faʻaaogaina o punaoa CPU taua ma le faʻaaogaina o mafaufauga pe a faʻagasolo faʻamaumauga faʻapitoa.
- O se fa'aletonu i le TensorFlow masini a'oa'oga (CVE-2021-41228), e mafai ai ona fa'atinoina le code pe a pasia e le saved_model_cli fa'amatalaga osofa'i fa'amatalaga i le "--input_examples" parakalafa. O le faʻafitauli e mafua mai i le faʻaaogaina o faʻamatalaga i fafo pe a valaʻau le code ma le "eval" galuega. O loʻo faʻamauina le mataupu i faʻasalalauga o TensorFlow 2.7.0, TensorFlow 2.6.1, TensorFlow 2.5.2, ma TensorFlow 2.4.4.
- O se fa'aletonu (CVE-2021-43331) i le GNU Mailman fa'atonuga o meli e mafua mai i le le sa'o o le taulimaina o nisi ituaiga o URL. O le faʻafitauli e mafai ai ona e faʻatulagaina le faʻatinoina o le code JavaScript e ala i le faʻamaonia o se URL faʻapitoa i luga o le itulau faʻatulagaina. O le isi mataupu ua faʻaalia foi i le Mailman (CVE-2021-43332), lea e mafai ai e se tagata faʻaoga faʻatasi ai ma aia tatau e mate ai le faʻaupuga o le pule. O faʻafitauli ua foia i le Mailman 2.1.36 faʻasalalauga.
- O se faʻasologa o faʻafitauli i le Vim text editor e mafai ona oʻo atu ai i se faʻalavelave faʻafefe ma mafai ona faʻataunuʻuina le code attacker pe a tatalaina faila faʻapitoa e ala i le "-S" filifiliga (CVE-2021-3903, CVE-2021-3872, CVE-2021 -3927, CVE -2021-3928, faasa'oga - 1, 2, 3, 4).
puna: opennet.ru