lambdaisland/uri could allow bypassing security checks or
redirecting users.
Software Description:
- lambdaisland-uri-clojure: A pure Clojure/ClojureScript URI library.
Details:
It was discovered that lambdaisland/uri did not properly sanitize
the backslash character in URI strings. An attacker could possibly
use this issue to bypass security checks or redirect users.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
liblambdaisland-uri-clojure 1.13.95-2ubuntu0.24.04.1~esm2
Available with Ubuntu Pro
Ubuntu 22.04 LTS
liblambdaisland-uri-clojure 1.13.95-2ubuntu0.22.04.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-8151-1
CVE-2023-28628
Get the latest Linux and open source security news straight to your inbox.