3 matches found
CVE-2022-29849
CVE-2022-29849 affects Progress OpenEdge; vulnerable in OpenEdge versions before 11.7.14 and 12.x before 12.2.9 due to privilege-escalation risk from certain SUID binaries. Local attackers could elevate privileges on the affected system. Remediation: upgrade to OpenEdge 11.7.14 or later, or 12.2....
CVE-2023-40051
CVE-2023-40051 affects Progress Application Server (PAS) for OpenEdge. A WEB transport request can allow unintended file uploads to a server directory path on the PASOE host, potentially enabling a later attack if the uploaded payload is exploitable. Affected versions are 11.7 before 11.7.18, 12....
CVE-2023-40052
CVE-2023-40052 affects Progress Application Server (PAS) for OpenEdge. A malformed web request can crash a PASOE agent, potentially disrupting thread activities of multiple web application clients and causing DoS due to flooding of invalid requests. Affected versions are 11.7 < 11.7.18, 12.2