K000133753 : PHP vulnerability CVE-2023-0662

Security Advisory Description: In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and ...
More info: https://my.f5.com/manage/s/article/K000133753?utm_source=f5support&utm_medium=RSS

K000133752 : OpenSSL vulnerability CVE-2023-1255

Security Advisory Description: Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash.
More info: https://my.f5.com/manage/s/article/K000133752?utm_source=f5support&utm_medium=RSS

MSA-23-0014: TinyMCE loaders susceptible to Arbitrary Folder Creation

by Michael Hawkins. Insufficient sanitizing of loaders used by TinyMCE resulted in an arbitrary folder creation risk.
Severity/Risk: Serious
Versions affected: 4.1 to 4.1.2
Versions fixed: 4.1.3
Reported by: Yaniv Nizry (SonarSource)
CVE identifier: CVE-2023-30943
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77718
Tracker issue: MDL-77718 TinyMCE loaders susceptible to Arbitrary Folder Creation
More info: https://moodle.org/mod/forum/discuss.php?d=446285&parent=1793613

MSA-23-0015: Minor SQL injection risk in external Wiki method for listing pages

by Michael Hawkins. A limited SQL injection risk was identified in functionality used by the Wiki activity when listing pages.
Severity/Risk: Minor
Versions affected: 4.1 to 4.1.2, 4.0 to 4.0.7, 3.11 to 3.11.13, 3.9 to 3.9.20 and earlier unsupported versions
Versions fixed: 4.1.3, 4.0.8, 3.11.14 and 3.9.21
Reported by: Paul Holden
CVE identifier: CVE-2023-30944
Changes (master): http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77187
Tracker issue: MDL-77187 Minor SQL
More info: https://moodle.org/mod/forum/discuss.php?d=446286&parent=1793614