內容說明：

CISA於6/24至6/30在Known Exploited Vulnerabilities Catalog(KEV)中發布3個已遭駭客利用之漏洞。

影響平台：

受影響廠商與產品名稱如下：
GeoSolutionsGroup｜JAI-EXT
Linux｜Kernel
Roundcube｜Webmail

處置建議：

修補說明請參考以下官方連結：
GeoSolutionsGroup｜JAI-EXT
此漏洞影響產品為開源套件，實際修補方式請參考各家廠商的說明，需要更多資訊可參考以下網址：
https://github.com/geosolutions-it/jai-ext/releases/tag/1.1.22
https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx
Linux｜Kernel
此漏洞影響產品為開源套件，實際修補方式請參考各家廠商的說明，需要更多資訊可參考以下網址：
https://seclists.org/oss-sec/2022/q3/131
Roundcube｜Webmail
https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12

CVE編號：

CVE-2020-13965
CVE-2022-2586
CVE-2022-24816

參考資料：

https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://nvd.nist.gov/vuln/detail/CVE-2020-13965
https://nvd.nist.gov/vuln/detail/CVE-2022-2586
https://nvd.nist.gov/vuln/detail/CVE-2022-24816
https://github.com/geosolutions-it/jai-ext/releases/tag/1.1.22
https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx
https://seclists.org/oss-sec/2022/q3/131
https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12
新聞來源：https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alerts/1562/
發布日期：10/07/2024