A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CVE-2021-3752: [PATCH 5.15 187/917] Bluetooth: fix use-after-free error in lock_sock_nested()

Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.

HP 218 Pro G5 MT PC

BIOS

Pending

Rev 1

Pending

Pending

HP 260 G3 Desktop Mini PC

BIOS

02.17.00

Rev 1

SP136322

https://ftp.hp.com/pub/softpaq/sp136001-136500/sp136322.exe

HP Desktop Pro 300 G3

BIOS

Pending

Rev 1

Pending

Pending

HP Desktop Pro A 300 G3

BIOS

Pending

Rev 1

Pending

Pending

HP Desktop Pro A G2

BIOS

Pending

Rev 1

Pending

Pending

HP Desktop Pro A G2 Microtower PC

BIOS

Pending

Rev 1

Pending

Pending

HP Desktop Pro A G3

BIOS

Pending

Rev 1

Pending

Pending

HP Desktop Pro A G3 Microtower PC

BIOS

Pending

Rev 1

Pending

Pending

HP Desktop Pro G3

BIOS

Pending

Rev 1

Pending

Pending

HP Desktop Pro G3 Microtower

BIOS

Pending

Rev 1

Pending

Pending

HP Elite Slice G2 - Audio Ready with Zoom Rooms

BIOS

Pending

Rev 1

Pending

Pending

HP Elite Slice G2 - Partner Ready with Microsoft Teams Rooms

BIOS

Pending

Rev 1

Pending

Pending

HP Elite Slice G2 with Microsoft Teams Rooms

BIOS

Pending

Rev 1

Pending

Pending

HP Elite Slice G2 with Intel Unite

BIOS

Pending

Rev 1

Pending

Pending

HP Elite Slice G2 with Zoom Rooms

BIOS

Pending

Rev 1

Pending

Pending

HP EliteDesk 705 G4 Desktop Mini PC

BIOS

Pending

Rev 1

Pending

Pending

HP EliteDesk 705 G4 Microtower PC

BIOS

Pending

Rev 1

Pending

Pending

HP EliteDesk 705 G4 Small Form Factor PC

BIOS

Pending

Rev 1

Pending

Pending

HP EliteDesk 705 G4 Workstation Edition

BIOS

Pending

Rev 1

Pending

Pending

HP EliteDesk 705 G5 Desktop Mini PC

BIOS

Pending

Rev 1

Pending

Pending

HP EliteDesk 705 G5 Small Form Factor PC

BIOS

Pending

Rev 1

Pending

Pending

HP EliteDesk 800 35W G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136969

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136969.exe

HP EliteDesk 800 65W G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136969

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136969.exe

HP EliteDesk 800 95W G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136969

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136969.exe

HP EliteDesk 800 G4 Small Form Factor PC

BIOS

02.18.00

Rev 1

SP137026

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137026.exe

HP EliteDesk 800 G4 Tower PC

BIOS

02.18.00

Rev 1

SP137026

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137026.exe

HP EliteDesk 800 G4 Workstation Edition

BIOS

02.18.00

Rev 1

SP137026

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137026.exe

HP EliteDesk 800 G5 Desktop Mini PC

BIOS

02.12.00

Rev 1

SP136850

Pending

HP EliteDesk 800 G5 Small Form Factor PC

BIOS

02.12.00

Rev 1

SP136994

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136994.exe

HP EliteDesk 800 G5 Tower PC

BIOS

02.12.00

Rev 1

SP136994

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136994.exe

HP EliteDesk 800 G6 Desktop Mini PC

BIOS

02.10.00

Rev 1

SP136986

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136986.exe

HP EliteDesk 800 G6 Small Form Factor PC

BIOS

02.10.00

Rev 1

SP137009

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137009.exe

HP EliteDesk 800 G6 Tower PC

BIOS

02.10.00

Rev 1

SP137009

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137009.exe

HP EliteDesk 800 G8 Desktop Mini PC

BIOS

02.07.00

Rev 1

SP136996

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136996.exe

HP EliteDesk 800 G8 Small Form Factor PC

BIOS

02.07.00

Rev 1

SP136990

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136990.exe

HP EliteDesk 800 G8 Tower PC

BIOS

02.07.00

Rev 1

SP136990

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136990.exe

HP EliteDesk 805 G6 Desktop Mini PC

BIOS

02.07.00

Rev 1

SP137021

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137021.exe

HP EliteDesk 805 G6 Small Form Factor PC

BIOS

02.07.00

Rev 1

SP136997

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136997.exe

HP EliteDesk 805 G8 Desktop Mini PC

BIOS

02.03.00

Rev 1

SP136981

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136981.exe

HP EliteDesk 805 G8 Small Form Factor PC

BIOS

02.03.00

Rev 1

SP136989

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136989.exe

HP EliteDesk 880 G4 Tower PC

BIOS

02.18.00

Rev 1

SP137026

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137026.exe

HP EliteDesk 880 G5 Tower PC

BIOS

02.12.00

Rev 1

SP136994

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136994.exe

HP EliteDesk 880 G6 Tower PC

BIOS

02.10.00

Rev 1

SP137009

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137009.exe

HP EliteDesk 880 G8 Tower PC

BIOS

02.07.00

Rev 1

SP136990

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136990.exe

HP EliteOne 1000 G2 23.8-in All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 1000 G2 23.8-in Touch All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 1000 G2 27-in 4K UHD All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 1000 G2 34-in Curved All-in-One Business PC

BIOS

02.18.00

Rev 1

SP136988

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136988.exe

HP EliteOne 800 G4 23.8-in Healthcare Edition All-in-One Business PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Non-Touch All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Non-Touch GPU All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Touch All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G4 23.8-inch Touch GPU All-in-One PC

BIOS

02.18.00

Rev 1

SP137015

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137015.exe

HP EliteOne 800 G5 23.8-in Healthcare Edition All-in-One

BIOS

02.12.00

Rev 1

SP137008

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137008.exe

HP EliteOne 800 G5 23.8-inch All-in-One

BIOS

02.12.00

Rev 1

SP137008

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137008.exe

HP EliteOne 800 G6 24 All-in-One PC

BIOS

02.10.00

Rev 1

SP137013

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137013.exe

HP EliteOne 800 G6 27 All-in-One PC

BIOS

02.10.00

Rev 1

SP137013

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137013.exe

HP EliteOne 800 G8 24 All-in-One PC

BIOS

02.07.00

Rev 1

SP137018

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137018.exe

HP EliteOne 800 G8 27 All-in-One PC

BIOS

02.07.00

Rev 1

SP137018

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137018.exe

HP ProDesk 400 G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136964

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136964.exe

HP ProDesk 400 G5 Desktop Mini PC

BIOS

02.12.00

Rev 1

SP136960

Pending

HP ProDesk 400 G5 Microtower PC

BIOS

02.18.00

Rev 1

SP137032

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137032.exe

HP ProDesk 400 G5 Small Form Factor PC

BIOS

02.18.00

Rev 1

SP136962

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136962.exe

HP ProDesk 400 G6 Desktop Mini PC

BIOS

02.10.00

Rev 1

SP136995

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136995.exe

HP ProDesk 400 G6 Microtower PC

BIOS

02.12.00

Rev 1

SP137000

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp137000.exe

HP ProDesk 400 G6 Small Form Factor PC

BIOS

02.12.00

Rev 1

SP136974

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136974.exe

HP ProDesk 400 G7 Microtower PC

BIOS

02.10.00

Rev 1

SP137011

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137011.exe

HP ProDesk 400 G7 Small Form Factor PC

BIOS

02.10.00

Rev 1

SP136972

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136972.exe

HP ProDesk 405 G4 Desktop Mini PC

BIOS

Pending

Rev 1

Pending

Pending

HP ProDesk 405 G4 Small Form Factor PC

BIOS

Pending

Rev 1

Pending

Pending

HP ProDesk 405 G6 Desktop Mini PC

BIOS

Pending

Rev 1

Pending

Pending

HP ProDesk 405 G6 Small Form Factor PC

BIOS

Pending

Rev 1

Pending

Pending

HP ProDesk 405 G8 Desktop Mini PC

BIOS

02.03.00

Rev 1

SP136980

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136980.exe

HP ProDesk 405 G8 Small Form Factor PC

BIOS

02.03.00

Rev 1

SP136991

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136991.exe

HP ProDesk 480 G5 Microtower PC

BIOS

02.18.00

Rev 1

SP137032

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137032.exe

HP ProDesk 480 G6 Microtower PC

BIOS

02.12.00

Rev 1

SP137000

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp137000.exe

HP ProDesk 480 G7 PCI Microtower PC

BIOS

02.10.00

Rev 1

SP137011

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137011.exe

HP ProDesk 600 G4 Desktop Mini PC

BIOS

02.18.00

Rev 1

SP136957

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136957.exe

HP ProDesk 600 G4 Microtower PC

BIOS

02.18.00

Rev 1

SP137030

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137030.exe

HP ProDesk 600 G4 Microtower PC (with PCI slot)

BIOS

02.18.00

Rev 1

SP137030

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137030.exe

HP ProDesk 600 G4 Small Form Factor PC

BIOS

02.18.00

Rev 1

SP136961

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136961.exe

HP ProDesk 600 G5 Desktop Mini PC

BIOS

02.12.00

Rev 1

SP136959

Pending

HP ProDesk 600 G5 Microtower PC

BIOS

02.12.00

Rev 1

SP136998

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136998.exe

HP ProDesk 600 G5 Microtower PC (with PCI slot)

BIOS

02.12.00

Rev 1

SP136998

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136998.exe

HP ProDesk 600 G5 Small Form Factor PC

BIOS

02.12.00

Rev 1

SP136973

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136973.exe

HP ProDesk 600 G6 Desktop Mini PC

BIOS

02.10.00

Rev 1

SP136993

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136993.exe

HP ProDesk 600 G6 Microtower PC

BIOS

02.10.00

Rev 1

SP137023

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137023.exe

HP ProDesk 600 G6 PCI Microtower PC

BIOS

02.10.00

Rev 1

SP137023

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137023.exe

HP ProDesk 600 G6 Small Form Factor PC

BIOS

02.10.00

Rev 1

SP136970

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136970.exe

HP ProDesk 680 G4 Microtower PC

BIOS

02.18.00

Rev 1

SP137030

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137030.exe

HP ProDesk 680 G4 Microtower PC (With PCI slot)

BIOS

02.18.00

Rev 1

SP137006

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137006.exe

HP ProDesk 680 G6 PCI Microtower PC

BIOS

02.10.00

Rev 1

SP137023

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137023.exe

HP ProOne 400 G4 20-inch Non-Touch All-in-One Business PC

BIOS

02.18.00

Rev 1

SP137033

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137033.exe

HP ProOne 400 G4 23.8-inch Non-Touch All-in-One Business PC

BIOS

02.18.00

Rev 1

SP137033

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137033.exe

HP ProOne 400 G5 20-inch All-in-One Business PC

BIOS

02.12.00

Rev 1

SP137012

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137012.exe

HP ProOne 400 G5 23.8-inch All-in-One Business PC

BIOS

02.12.00

Rev 1

SP137012

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137012.exe

HP ProOne 400 G6 20 All-in-One PC

BIOS

02.10.00

Rev 1

SP136954

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136954.exe

HP ProOne 400 G6 24 All-in-One PC

BIOS

02.10.00

Rev 1

SP136954

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136954.exe

HP ProOne 440 G4 23.8-inch Non-Touch All-in-One Business PC

BIOS

02.18.00

Rev 1

SP137033

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137033.exe

HP ProOne 440 G5 23.8-in All-in-One Business PC

BIOS

02.12.00

Rev 1

SP137012

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137012.exe

HP ProOne 440 G6 24 All-in-One PC

BIOS

02.10.00

Rev 1

SP136954

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136954.exe

HP ProOne 600 G4 21.5-inch Touch All-in-One Business PC

BIOS

02.18.00

Rev 1

SP137033

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137033.exe

HP ProOne 600 G5 21.5-in All-in-One Business PC

BIOS

02.12.00

Rev 1

SP137012

https://ftp.hp.com/pub/softpaq/sp137001-137500/sp137012.exe

HP ProOne 600 G6 22 All-in-One PC

BIOS

02.10.00

Rev 1

SP136954

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136954.exe

HP ZHAN 66 Pro A G1 Microtower PC

BIOS

Pending

Rev 1

Pending

Pending

HP ZHAN 66 Pro A G1 R Microtower PC

BIOS

Pending

Rev 1

Pending

Pending

HP ZHAN 66 Pro G1 R Microtower PC

BIOS

Pending

Rev 1

Pending

Pending

HP ZHAN 66 Pro G3 22 All-in-One PC

BIOS

02.10.00

Rev 1

SP136954

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136954.exe

HP ZHAN 66 Pro G3 24 All-in-One PC

BIOS

02.10.00

Rev 1

SP136954

https://ftp.hp.com/pub/softpaq/sp136501-137000/sp136954.exe

CVE-2021-39297: HP UEFI Firmware February 2022 Security Updates

Use After Free in NPM radare2.js prior to 5.6.2.

@@ -226,12 +226,18 @@ R\_API bool r\_io\_bank\_map\_add\_top(RIO \*io, const ut32 bankid, const ut32 mapid) {

r\_io\_submap\_set\_to (bd, r\_io\_submap\_from (sm) - 1);

entry = r\_rbnode\_next (entry);

}

while (entry && r\_io\_submap\_to (((RIOSubMap \*)entry->data)) <= r\_io\_submap\_to (sm)) {

ut64 smto = r\_io\_submap\_to (sm);

while (entry && r\_io\_submap\_to (((RIOSubMap \*)entry->data)) <= smto) {

//delete all submaps that are completly included in sm

RRBNode \*next = r\_rbnode\_next (entry);

// this can be optimized, there is no need to do search here

// XXX this is a workaround to avoid an UAF in Reproducer: iobank-crash

void \*smfree = bank->submaps\->free;

bank->submaps\->free = NULL;

bool a = r\_crbtree\_delete (bank->submaps, entry->data, \_find\_sm\_by\_from\_vaddr\_cb, NULL);

bank->submaps\->free = smfree;

if (!a) {

entry = NULL;

break;

}

entry = next;

CVE-2022-0559: Prefer memleak over usaf in io.bank's rbtree bug ##crash · radareorg/radare2@b5cb90b

In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF).

Um Unternehmen vor Hackern und Kriminellen zu schützen, müssen wir sicherstellen, dass unsere Fähigkeiten und Kenntnisse stets auf dem neuesten Stand sind. Deshalb ist die Sicherheitsforschung für unsere Arbeit ebenso wichtig wie der Aufbau einer Security Community zur Förderung des Wissensaustausches. Denn mehr Sicherheit kann nur erreicht werden, wenn viele sie zu ihrer Aufgabe machen.

Unsere CST Academy und das usd HeroLab sind wesentliche Bestandteile unserer Sicherheitsmission. Das Wissen, das wir in unserer praktischen Arbeit und durch unsere Forschung gewinnen, teilen wir in Schulungen und Publikationen. In diesem Zusammenhang veröffentlicht das usd HeroLab eine Reihe von Beiträgen zu aktuellen Schwachstellen und Sicherheitsproblemen – stets im Einklang mit den Leitsätzen unserer Responsible Disclosure Policy.

Immer im Namen unserer Mission: „more security“.

Hier finden Sie die Security Advisories der vergangenen Monate:

**09/2020**

**!!nicht bearbeiten!!**

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

**usd-2020-0048 (CVE-2020-24708) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Stored Cross-Site Scripting

More details: usd-2020-0048 (CVE-2020-24708)

**usd-2020-0049 (CVE-2020-24709) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Stored Cross-Site Scripting

More details: usd-2020-0049 (CVE-2020-24709)

**usd-2020-0050 (CVE-2020-24712) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: non-persistent self Cross-Site Scripting

More details: usd-2020-0050 (CVE-2020-24712)

**usd-2020-0051 (CVE-2020-24711) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Improper Restriction of Rendered UI Layers or Frames

More details: usd-2020-0051 (CVE-2020-24711)

**usd-2020-0052 (CVE-2020-24707) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: CSV Injection

More details: usd-2020-0052 (CVE-2020-24707)

**usd-2020-0053 (CVE-2020-24713) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Insufficient Session Expiration

More details: usd-2020-0053 (CVE-2020-24713)

**usd-2020-0054 (CVE-2020-24710) | Gophish**

Product: Gophish, Affected Version: v0.10.1  
Vulnerability Type: Stored Cross-Site Scripting

More details: usd-2020-0054 (CVE-2020-24710)

**usd-2020-0059 (CVE-2020-15862) | Net-SNMP**

Product: Net-SNMP, Affected Version: 5.7.3  
Vulnerability Type: Elevation of Privileges

More details: usd-2020-0059 (CVE-2020-15862)

**usd-2020-0060 (CVE-2020-15861) | Net-SNMP**

Product: Net-SNMP, Affected Version: 5.7.3  
Vulnerability Type: Elevation of Privileges

More details: usd-2020-0060 (CVE-2020-15861)

**07/2019**

**!!nicht bearbeiten!!**

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

**usd-2019-0001 | Adobe Experience Manager (AEM)**

Product: Adobe Experience Manager (AEM), Affected Version: 6.3.2.2  
Vulnerability Type: Code Injection

More details: usd-2019-0001

**usd-2019-0002 | feeling4design Super Forms**

Product: feeling4design Super Forms, Affected Version: Drag & Drop Form Builder/1.0.0 – 4.4.8  
Vulnerability Type: Path Traversal

More details: usd-2019-0002

**usd-2019-0003 | feeling4design Super Forms**

Product: feeling4design Super Forms, Affected Version: Drag & Drop Form Builder/1.6.1 – 4.4.8  
Vulnerability Type: Missing Server Side File Type Validation

More details: usd-2019-0003

**usd-2019-0014 | Oracle Transportation Management (OTM)**

Product: Oracle Transportation Management (OTM), Affected Version: 6.4.3  
Vulnerability Type: Reflected XSS

More details: usd-2019-0014

**usd-2019-0015 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: Broken Access Control

More details: usd-2019-0015

**usd-2019-0017 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: Sensitive Data Exposure/Credentials Disclosure

More details: usd-2019-0017

**usd-2019-0018 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: User Enumeration

More details: usd-2019-0018

**usd-2019-0019 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: File Enumeration

More details: usd-2019-0019

**usd-2019-0020 | Bitbucket**

Product: Bitbucket, Affected Version: 5.10.1  
Vulnerability Type: Sensitive Data in URL

More details: usd-2019-0020

**12/2018**

**Ihr Titel**

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

**usd-2018-0024 | Shpock App**

Product: Shpock App, Affected Version: Shpock App for Andriod & Iphone  
Vulnerability Type: Username Enumeration

More details: usd-2018-0024

**usd-2018-0025 (CVE-2018-7750) | SEP sesam**

Product: SEP sesam, Affected Version: 4.4.3.61  
Vulnerability Type: Authentication Bypass

More details: usd-2018-0025 (CVE-2018-7750)

**usd-2018-0026 (CVE-2018-18245) | Nagios Core**

Product: Nagios Core, Affected Version: 4.4.2  
Vulnerability Type: Stored XSS

More details: usd-2018-0026 (CVE-2018-18245)

**usd-2018-0027 (CVE-2018-18246) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: CSRF

More details: usd-2018-0027 (CVE-2018-18246)

**usd-2018-0028 (CVE-2018-18248) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: Reflected XSS

More details: usd-2018-0028 (CVE-2018-18248)

**usd-2018-0029 (CVE-2018-18247) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: Stored XSS

More details: usd-2018-0029 (CVE-2018-18247)

**usd-2018-0030 (CVE-2018-18249, CVE-2018-18250) | Icinga Web 2**

Product: Icinga Web 2, Affected Version: 2.6.1  
Vulnerability Type: Denial of Service, Sensitive Data disclosure

More details: usd-2018-0030 (CVE-2018-18249, CVE-2018-18250)

**usd-2018-0031 (CVE-2018-13376) | Fortigate 900D**

Product: Fortigate 900D, Affected Version: FW: V. 5.6.2 Build 1486 (GA)  
Vulnerability Type: Sensitive Data disclosure

More details: usd-2018-0031 (CVE-2018-13376)

CVE-2022-25241: Security Advisories - usd HeroLab

In Corda before 4.1, the meaning of serialized data can be modified via an attacker-controlled CustomSerializer.

CVE-2019-25057: Release notes

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM.

CVE-2019-16864: CompleteFTP: CompleteFTP revision history

Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used. IBM X-Force ID: 215593.

  

**Summary**

IBM Cognos Analytics Mobile is affected by security vulnerabilities. These have been addressed in IBM Cognos Analytics Mobile 1.1.14.

**Vulnerability Details**

**CVEID:**   CVE-2021-39080  
**DESCRIPTION:**   Due to weak obfuscation, IBM Cognos Analytics Mobile for Android application prior to version 1.1.14 , an attacker could be able to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used.  
CVSS Base score: 4.8  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/215593 for the current score.  
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

**CVEID:**   CVE-2021-39079  
**DESCRIPTION:**   IBM Cognos Analytics Mobile is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  
CVSS Base score: 5.4  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/215592 for the current score.  
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

**CVEID:**   CVE-2021-39081  
**DESCRIPTION:**   IBM Cognos Analytics Mobile for Android uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.  
CVSS Base score: 5.9  
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/215594 for the current score.  
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

**Affected Products and Versions**

IBM Cognos Analytics Mobile 1.1.x

**Workarounds and Mitigations**

None

**References**

Off

**Acknowledgement**

**Change History**

11 Feb 2022: Initial Publication

\*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

**Disclaimer**

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

**Document Location**

Worldwide

\[{"Business Unit":{"code":"BU059","label":"IBM Software w\\/o TPS"},"Product":{"code":"SSTSF6","label":"Cognos Analytics"},"Component":"Cognos Mobile","Platform":\[{"code":"PF003","label":"Android"},{"code":"PF014","label":"iOS"}\],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}\]

CVE-2021-39080: IBM Cognos Analytics Mobile is affected by security vulnerabilties

In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference.

Description Wenqing Liu 2021-12-06 04:12:56 UTC

Created attachment 299909 \[details\]
crafted image and .config file

- Overview 
kernel NULL pointer dereference triggered  in folio\_mark\_dirty() when mount and operate on a crafted f2fs image

- Reproduce 
tested on kernel 5.16-rc3, 5.15.X under root

# mkdir mnt
# mount -t f2fs tmp1.img mnt
# touch tmp
# cp tmp mnt

- Kernel dump
\[   41.932734\] F2FS-fs (loop0): sanity\_check\_inode: inode (ino=49) extent info \[5942, 4294180864, 4\] is incorrect, run fsck to fix
\[   41.932743\] F2FS-fs (loop0): Inconsistent error blkaddr:5942, sit bitmap:0
\[   41.932811\] ------------\[ cut here \]------------
\[   41.932811\] WARNING: CPU: 0 PID: 910 at fs/f2fs/checkpoint.c:154 f2fs\_is\_valid\_blkaddr+0x1d6/0x390 \[f2fs\]
\[   41.932824\] Modules linked in: f2fs crc32\_generic joydev input\_leds serio\_raw qemu\_fw\_cfg iscsi\_tcp libiscsi\_tcp libiscsi scsi\_transport\_iscsi autofs4 btrfs blake2b\_generic zstd\_compress raid10 raid456 async\_raid6\_recov async\_memcpy async\_pq async\_xor async\_tx xor raid6\_pq raid1 raid0 multipath linear qxl drm\_ttm\_helper ttm drm\_kms\_helper syscopyarea sysfillrect sysimgblt fb\_sys\_fops drm crct10dif\_pclmul crc32\_pclmul ghash\_clmulni\_intel hid\_generic psmouse usbhid hid aesni\_intel crypto\_simd cryptd
\[   41.932840\] CPU: 0 PID: 910 Comm: cp Tainted: G        W         5.16.0-rc3 #2
\[   41.932842\] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014
\[   41.932842\] RIP: 0010:f2fs\_is\_valid\_blkaddr+0x1d6/0x390 \[f2fs\]
\[   41.932853\] Code: fe ff ff 83 fb 07 0f 85 bb fe ff ff 0f b6 c8 89 ea 48 c7 c6 c8 1b 70 a0 4c 89 e7 88 04 24 e8 31 52 ff ff f0 41 80 4c 24 48 04 <0f> 0b 0f b6 04 24 e9 92 fe ff ff 83 fa 09 0f 85 15 01 00 00 48 8b
\[   41.932854\] RSP: 0018:ffffc90000687968 EFLAGS: 00010206
\[   41.932855\] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 0000000000000001
\[   41.932855\] RDX: 0000000000000000 RSI: ffffffff8232a839 RDI: 00000000ffffffff
\[   41.932856\] RBP: 0000000000001736 R08: 0000000000000000 R09: 0000000000000001
\[   41.932857\] R10: 00000009cb0c1476 R11: 0000000000000001 R12: ffff888110275000
\[   41.932857\] R13: 0000000000004000 R14: ffff888105f460f0 R15: ffff888110f4a000
\[   41.932858\] FS:  00007f3530f15800(0000) GS:ffff8882f5c00000(0000) knlGS:0000000000000000
\[   41.932859\] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
\[   41.932860\] CR2: 0000562fdc7b15c8 CR3: 000000010319c002 CR4: 0000000000370ef0
\[   41.932862\] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
\[   41.932863\] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
\[   41.932863\] Call Trace:
\[   41.932864\]  <TASK>
\[   41.932865\]  f2fs\_iget+0xeee/0x11b0 \[f2fs\]
\[   41.932874\]  do\_garbage\_collect+0xf0f/0x16a0 \[f2fs\]
\[   41.932886\]  ? \_raw\_spin\_lock+0x13/0x30
\[   41.932888\]  f2fs\_gc+0x1d3/0xd90 \[f2fs\]
\[   41.932899\]  ? \_raw\_spin\_unlock+0x16/0x30
\[   41.932901\]  ? f2fs\_balance\_fs+0x13a/0x570 \[f2fs\]
\[   41.932915\]  f2fs\_balance\_fs+0x13a/0x570 \[f2fs\]
\[   41.932927\]  ? \_raw\_spin\_lock+0x13/0x30
\[   41.932929\]  ? \_\_d\_instantiate+0x34/0xf0
\[   41.932931\]  f2fs\_create+0x285/0x840 \[f2fs\]
\[   41.932940\]  path\_openat+0xe6d/0x1040
\[   41.932943\]  do\_filp\_open+0xc5/0x140
\[   41.932945\]  ? \_\_check\_object\_size+0xd4/0x1a0
\[   41.932948\]  ? \_raw\_spin\_unlock+0x16/0x30
\[   41.932949\]  ? do\_sys\_openat2+0x23a/0x310
\[   41.932950\]  do\_sys\_openat2+0x23a/0x310
\[   41.932952\]  do\_sys\_open+0x57/0x80
\[   41.932953\]  do\_syscall\_64+0x37/0xb0
\[   41.932955\]  entry\_SYSCALL\_64\_after\_hwframe+0x44/0xae
\[   41.932956\] RIP: 0033:0x7f35303e4d5e
\[   41.932957\] Code: 25 00 00 41 00 3d 00 00 41 00 74 48 48 8d 05 91 0c 2e 00 8b 00 85 c0 75 69 89 f2 b8 01 01 00 00 48 89 fe bf 9c ff ff ff 0f 05 <48> 3d 00 f0 ff ff 0f 87 a6 00 00 00 48 8b 4c 24 28 64 48 33 0c 25
\[   41.932958\] RSP: 002b:00007ffe4b2cb810 EFLAGS: 00000246 ORIG\_RAX: 0000000000000101
\[   41.932959\] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f35303e4d5e
\[   41.932960\] RDX: 00000000000000c1 RSI: 0000561d23a37cc0 RDI: 00000000ffffff9c
\[   41.932961\] RBP: 00007ffe4b2cbcb0 R08: 00007ffe4b2cbe70 R09: 0000000000000000
\[   41.932961\] R10: 00000000000001a4 R11: 0000000000000246 R12: 00007ffe4b2cbe70
\[   41.932962\] R13: 0000000000000000 R14: 00007ffe4b2cbe00 R15: 00007ffe4b2cc7b4
\[   41.932963\]  </TASK>
\[   41.932964\] ---\[ end trace 1bf4370a7a01de20 \]---
\[   41.932965\] F2FS-fs (loop0): sanity\_check\_inode: inode (ino=49) extent info \[5942, 4294180864, 4\] is incorrect, run fsck to fix
\[   41.933060\] F2FS-fs (loop0): f2fs\_check\_nid\_range: out-of-range nid=31340049, run fsck to fix.
\[   41.934251\] BUG: kernel NULL pointer dereference, address: 0000000000000000
\[   41.934338\] #PF: supervisor instruction fetch in kernel mode
\[   41.934409\] #PF: error\_code(0x0010) - not-present page
\[   41.934484\] PGD 0 P4D 0 
\[   41.934561\] Oops: 0010 \[#1\] PREEMPT SMP NOPTI
\[   41.934646\] CPU: 1 PID: 910 Comm: cp Tainted: G        W         5.16.0-rc3 #2
\[   41.934741\] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.13.0-1ubuntu1.1 04/01/2014
\[   41.934893\] RIP: 0010:0x0
\[   41.935041\] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
\[   41.935174\] RSP: 0018:ffffc90000687928 EFLAGS: 00010246
\[   41.935314\] RAX: 0000000000000000 RBX: ffffea000478be40 RCX: 0000000000000001
\[   41.935456\] RDX: 0017ffffc0000015 RSI: 0000000000000000 RDI: ffffea000478be40
\[   41.935604\] RBP: ffff888105f44680 R08: ffffc90000687808 R09: 0000000000000000
\[   41.935818\] R10: 000000003ee1af28 R11: 0000000000000001 R12: 00000000fffffffe
\[   41.935993\] R13: ffffea000478be68 R14: 0017ffffc0000015 R15: ffff888105f44680
\[   41.936163\] FS:  00007f3530f15800(0000) GS:ffff8882f5c80000(0000) knlGS:0000000000000000
\[   41.936344\] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
\[   41.936540\] CR2: ffffffffffffffd6 CR3: 000000010319c006 CR4: 0000000000370ee0
\[   41.936738\] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
\[   41.936950\] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
\[   41.937254\] Call Trace:
\[   41.937470\]  <TASK>
\[   41.937683\]  folio\_mark\_dirty+0x33/0x50
\[   41.937935\]  move\_data\_page+0x2dd/0x460 \[f2fs\]
\[   41.938188\]  do\_garbage\_collect+0xc18/0x16a0 \[f2fs\]
\[   41.938412\]  ? \_raw\_spin\_lock+0x13/0x30
\[   41.938628\]  f2fs\_gc+0x1d3/0xd90 \[f2fs\]
\[   41.938856\]  ? \_raw\_spin\_unlock+0x16/0x30
\[   41.939078\]  ? f2fs\_balance\_fs+0x13a/0x570 \[f2fs\]
\[   41.939321\]  f2fs\_balance\_fs+0x13a/0x570 \[f2fs\]
\[   41.939568\]  ? \_raw\_spin\_lock+0x13/0x30
\[   41.939802\]  ? \_\_d\_instantiate+0x34/0xf0
\[   41.940040\]  f2fs\_create+0x285/0x840 \[f2fs\]
\[   41.940290\]  path\_openat+0xe6d/0x1040
\[   41.940536\]  do\_filp\_open+0xc5/0x140
\[   41.940782\]  ? \_\_check\_object\_size+0xd4/0x1a0
\[   41.941034\]  ? \_raw\_spin\_unlock+0x16/0x30
\[   41.941288\]  ? do\_sys\_openat2+0x23a/0x310
\[   41.941582\]  do\_sys\_openat2+0x23a/0x310
\[   41.941842\]  do\_sys\_open+0x57/0x80
\[   41.942290\]  do\_syscall\_64+0x37/0xb0
\[   41.942607\]  entry\_SYSCALL\_64\_after\_hwframe+0x44/0xae
\[   41.942881\] RIP: 0033:0x7f35303e4d5e
\[   41.943156\] Code: 25 00 00 41 00 3d 00 00 41 00 74 48 48 8d 05 91 0c 2e 00 8b 00 85 c0 75 69 89 f2 b8 01 01 00 00 48 89 fe bf 9c ff ff ff 0f 05 <48> 3d 00 f0 ff ff 0f 87 a6 00 00 00 48 8b 4c 24 28 64 48 33 0c 25
\[   41.943761\] RSP: 002b:00007ffe4b2cb810 EFLAGS: 00000246 ORIG\_RAX: 0000000000000101
\[   41.944078\] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f35303e4d5e
\[   41.944403\] RDX: 00000000000000c1 RSI: 0000561d23a37cc0 RDI: 00000000ffffff9c
\[   41.944762\] RBP: 00007ffe4b2cbcb0 R08: 00007ffe4b2cbe70 R09: 0000000000000000
\[   41.945195\] R10: 00000000000001a4 R11: 0000000000000246 R12: 00007ffe4b2cbe70
\[   41.945631\] R13: 0000000000000000 R14: 00007ffe4b2cbe00 R15: 00007ffe4b2cc7b4
\[   41.946058\]  </TASK>
\[   41.946479\] Modules linked in: f2fs crc32\_generic joydev input\_leds serio\_raw qemu\_fw\_cfg iscsi\_tcp libiscsi\_tcp libiscsi scsi\_transport\_iscsi autofs4 btrfs blake2b\_generic zstd\_compress raid10 raid456 async\_raid6\_recov async\_memcpy async\_pq async\_xor async\_tx xor raid6\_pq raid1 raid0 multipath linear qxl drm\_ttm\_helper ttm drm\_kms\_helper syscopyarea sysfillrect sysimgblt fb\_sys\_fops drm crct10dif\_pclmul crc32\_pclmul ghash\_clmulni\_intel hid\_generic psmouse usbhid hid aesni\_intel crypto\_simd cryptd
\[   41.948320\] CR2: 0000000000000000
\[   41.948750\] ---\[ end trace 1bf4370a7a01de21 \]---
\[   41.949238\] RIP: 0010:0x0
\[   41.949648\] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
\[   41.950064\] RSP: 0018:ffffc90000687928 EFLAGS: 00010246
\[   41.950408\] RAX: 0000000000000000 RBX: ffffea000478be40 RCX: 0000000000000001
\[   41.950754\] RDX: 0017ffffc0000015 RSI: 0000000000000000 RDI: ffffea000478be40
\[   41.951098\] RBP: ffff888105f44680 R08: ffffc90000687808 R09: 0000000000000000
\[   41.951439\] R10: 000000003ee1af28 R11: 0000000000000001 R12: 00000000fffffffe
\[   41.951778\] R13: ffffea000478be68 R14: 0017ffffc0000015 R15: ffff888105f44680
\[   41.952118\] FS:  00007f3530f15800(0000) GS:ffff8882f5c80000(0000) knlGS:0000000000000000
\[   41.952555\] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
\[   41.953157\] CR2: ffffffffffffffd6 CR3: 000000010319c006 CR4: 0000000000370ee0
\[   41.953687\] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
\[   41.954237\] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Comment 2 Wenqing Liu 2021-12-07 04:49:33 UTC

Thank you for your prompt reply.The bug disappeared after patched the kernel with the fixes.

Comment 3 Chao Yu 2021-12-12 04:05:23 UTC

Thanks for the verification. :)

CVE-2021-44879: 215231 – kernel NULL pointer dereference triggered in folio_mark_dirty() when mount and operate on a crafted f2fs image

The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file that was just opened (due to a misunderstanding of the QProcess API, that was never intended). This can be an untrusted directory.

![Editing code with Kate](https://cdn.kde.org/screenshots/kate/kate.png)

Kate is a multi-document, multi-view text editor by KDE. It features stuff like codefolding, syntaxhighlighting, dynamic word wrap, an embedded console, an extensive plugin interface and some preliminary scripting support.

Features:

*   MDI, window splitting, window tabbing
*   Spell checking
*   CR, CRLF, LF newline support
*   Encoding support (utf-8, utf-16, ascii etc.)
*   Encoding conversion
*   Regular expression based find & replace
*   Powerful syntax highlighting and bracket matching
*   Code and text folding
*   Infinite undo/redo support
*   Block selection mode
*   Auto indentation
*   Auto completion support
*   Shell integration
*   Wide protocol support (http, ftp, ssh, webdav etc.) using kioslaves
*   Plugin architecture for the application and editor component
*   Customizable shortcuts
*   Integrated command line
*   Scriptable using JavaScript

![](https://apps.kde.org/store_badges/appstream.svg)

This button only works with Discover and other AppStream application stores. You can also use your distribution’s package manager.

![Get it from the Snap Store](https://apps.kde.org/store_badges/snapstore/en.svg)

![Get it from Microsoft](https://apps.kde.org/store_badges/msstore/en.svg)

Kate Windows installers are also available to download from the binary-factory. These versions don’t contain the translations and are intended for testing purpose. Get involved and help us make them better!

*   Stable version. Generated from the latest version of the stable branch. Contains the latest bugfixes.
*   Unstable version. Generated from the latest version of the development branch.

**Releases RSS**

21.12.2 2022-02-03

21.12.1 2022-01-06

21.12.0 2021-12-09

21.08.3 2021-11-04

**Extensions**

Tag

#ios