Security Advisories (formerly Vulnerability Notices)

Blog Articles

SA-2023-011 - sudoedit privilege escalation (CVE-2023-22809)

SummaryThe sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entri...

SA-2023-010 - OpenSSL (CVE-2021-3450)

Summary The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check t...

SA-2023-009 - OpenJDK Vulnerabilities Advisory

SummaryExtreme Networks is evaluating exposure to Oracle Java SE vulnerabilities enumerated in https://openjdk.org/groups/vulnerability/advisories/2022-04-19: CVE-2022-21426CVE-2022-21434CVE-2022-2144...