Adobe issues emergency patch for critical ColdFusion vulnerabilities


Charlie Osborne

25 September 2019 at 13:43 UTC

Updated: 08 October 2019 at 13:48 UTC

Users are being urged to update their builds to resolve three serious security flaws

Adobe has released an out-of-band patch to quickly resolve a trio of security vulnerabilities in ColdFusion, two of which are deemed critical.

Adobe said in a security advisory that ColdFusion 2016 and 2018 on all platforms are affected.

The web application development platform’s emergency patch, released on Tuesday (September 24), addresses potential malicious code execution, access control bypass, and data leaks.

The first vulnerability, and arguably the most dangerous, is CVE-2019-8073. The critical security flaw is a…


Source link

About coldfusion

Check Also

25 CVEs That NSA Want You to Patch Right Now

Tuesday, October 20th, wasn’t your usual Patch Tuesday announcement from Microsoft. Instead, this announcement came …

Leave a Reply

Your email address will not be published. Required fields are marked *