UCSF IT Technology

The Apache Software Foundation has released a security update to address a vulnerability in Apache Flume. An attacker could exploit this vulnerability to perform arbitrary remote code execution.

IBM has released security updates to address Severe vulnerabilities in IBM MQ Messaging Middleware. Multiple issues were identified within the libcurl library that affect IBM MQ. IBM MQ server and non-Java client installations use libcurl to provide HTTPURL functionality which is used to download remote CCDT files.

Mozilla has released security updates to address High vulnerabilities in multiple Mozilla products. An attacker could exploit these vulnerabilities to take control of an affected system.

Gitlab released security updates to address Critical vulnerabilities in Gitlab Community Edition (CE) and Enterprise Edition (EE) versions. The vulnerabilities could allow an attacker to perform arbitrary remote code execution.

VMware has released security updates to address Important vulnerabilities in VMware Tools. A remote attacker could likely exploit the vulnerability to take control of an affected system. For a complete description of the vulnerabilities and affected systems go to VMSA-2022-0024. IT Security