Skip to content

2024-07-08, Version 22.4.1 (Current), @RafaelGSS

Compare
Choose a tag to compare
@RafaelGSS RafaelGSS released this 08 Jul 18:28
· 2088 commits to main since this release
v22.4.1

This is a security release.

Notable Changes

  • CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
  • CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
  • CVE-2024-22018 - fs.lstat bypasses permission model (Low)
  • CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low)
  • CVE-2024-37372 - Permission model improperly processes UNC paths (Low)

Commits