This episode of the WP Briefing features all the Josepha bloopers our little elves have stored away over the year.
Archive for December 31st, 2022
It was discovered that ruby-image-processing, a Ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when the #apply method is used to apply a series of operations coming from unsanitized user input.
OpenImageIO is a library for reading and writing images, and a bunch of related classes, utilities, and applications. Main features include: – Extremely simple but powerful ImageInput and ImageOutput APIs for reading and writing 2D images that are format agnostic. – Format plugins for TIFF, JPEG/JFIF, OpenEXR, PNG, HDR/RGBE, Targa, JPEG-2000,
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3.
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42852
The following vulnerabilities have been discovered in the WPE WebKit web engine: CVE-2022-42852