EdgeRover Desktop App Version 1.10.0-656


WDC Tracking Number: WDC-22010
Product Line: EdgeRover
Published: July 15, 2022

Last Updated: July 15, 2022

Description

EdgeRover 1.10.0-656 includes two security fixes to help keep your content secure. Western Digital advises all customers to update their EdgeRover app to the latest version.

Product Impact
Minimum Fix Version
Last Updated
EdgeRover Mac Desktop App
July 8, 2022
EdgeRover Windows Desktop App
July 8, 2022

Advisory Summary

Addressed multiple libtiff null pointer dereference vulnerabilities by updating the version to 4.4.0.

CVE Number: CVE-2022-0562, CVE-2022-0561, CVE-2022-0865

Addressed an improper input validation and out-of-bounds write vulnerability in TensorFlow which is an open-source platform for machine learning. An attacker could pass negative values to cause a segmentation fault-based denial-of-service attack. Certain components also did not validate input arguments which could also trigger a denial-of-service attack.

CVE Number: CVE-2022-29191, CVE-2022-29213, CVE-2022-29208