28 matches found
Fedora: Security Advisory (FEDORA-2023-aa46db07fd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-askama (FEDORA-2023-e9243281cb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-comrak (FEDORA-2023-b37722768e)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-askama_shared (FEDORA-2023-e9243281cb)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-comrak (FEDORA-2023-e9243281cb)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-askama (FEDORA-2023-035d5910b9)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-askama_shared (FEDORA-2023-035d5910b9)
The remote host is missing an update for the...
Fedora 38 : rust-askama / rust-askama_shared / rust-comrak (2023-035d5910b9)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-035d5910b9 advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of...
Fedora 37 : rust-askama / rust-askama_shared / rust-comrak (2023-e9243281cb)
The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-e9243281cb advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of...
Fedora 36 : rust-askama / rust-askama_shared / rust-comrak (2023-b37722768e)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-b37722768e advisory. - Update comrak to version 0.18.0. - Disable the unused markdown support in askama and askama_shared crates, which depends on an ancient version of...
CVE-2023-28631
| creationtimestamp | type | source |
|---|---|---|
| 2023-03-29 00:46:13+00:00 | seen | https://t.me/cibsecurity/60967... |
CVE-2023-28631 Attacker controlled data in AST nodes is not validated in comrak
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with `parse_document`. This AST can then be converted to HTML via `html::format_document_with_plugins`. However, the HTML...
CVE-2023-28631 Attacker controlled data in AST nodes is not validated in comrak
comrak is a CommonMark + GFM compatible Markdown parser and renderer written in rust. A Comrak AST can be constructed manually by a program instead of parsing a Markdown document with `parse_document`. This AST can then be converted to HTML via `html::format_document_with_plugins`. However, the HTML...
about-filter (>=0.1.0 <=0.1.1), askama (=0.12.0) +56 more potentially affected by CVE-2023-28631 via comrak (>=0.10.1 <=0.16.0)
comrak CARGO version =0.10.1, =0.1.0, =0.12.1, =1.0.0, =1.0.0, =0.1.0, =0.2.0, =0.2.1, =0.1.1, =0.1.0, =0.1.0, =0.5.5 and more Source cves: CVE-2023-28631 Source advisory: OSV:GHSA-5R3X-P7XX-X6Q5...
CVE-2022-28631
The CVE-2022-28631 issue affects HPE Integrated Lights-Out 5 (iLO 5) firmware prior to 2.71. The vulnerability enables an unprivileged, adjacent-network attacker to potentially execute arbitrary code in an isolated process, leading to loss of confidentiality, integrity, and availability within th...
CVE-2020-28631
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...
UBUNTU-CVE-2020-28631
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...
CVE-2020-28631
Summary: CVE-2020-28631 is a code-execution vulnerability in CGAL libcgal CGAL-5.1.1, arising from the Nef polygon-parsing path. An attacker-supplied file can trigger an out-of-bounds read and type confusion, enabling potentially arbitrary code execution. The advisory text references specific oo...
CVE-2020-28631
Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any o...
CVE-2021-28631
Acrobat Reader DC versions 2021.001.20155 and earlier, 2020.001.30025 and earlier and 2017.011.30196 and earlier are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the curren...