Fedora Update for virt-bootstrap FEDORA-2019-2084f9e721

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : virt-bootstrap (2019-2084f9e721)

Update to new upstream release: 1.1.1 Security fix for CVE-2019-13314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 29 : virt-bootstrap (2019-e465ec0651)

Update to new upstream release: 1.1.1 Security fix for CVE-2019-13314 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

[SECURITY] Fedora 29 Update: virt-bootstrap-1.1.1-1.fc29

Provides a way to create the root file system to use for libvirt containers...

[SECURITY] Fedora 30 Update: virt-bootstrap-1.1.1-1.fc30

Provides a way to create the root file system to use for libvirt containers...

virt-bootstrap Information Disclosure Vulnerability

virt-bootstrap is a tool to set the root filesystem for libvirt-based containers. An information disclosure vulnerability exists in virt-bootstrap version 1.1.0. The vulnerability stems from an error in the configuration, etc. of a networked system or product during operation. An unauthorized...

CVE-2019-13314

virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virtbootstrap.py...

CVE-2019-13314

virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virtbootstrap.py...

Design/Logic Flaw

virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virtbootstrap.py...

CVE-2019-13314

Concrete details found: CVE-2019-13314 affects virt-bootstrap; workaround/fix is delivered via openSUSE/SUSE-2020 security updates (openSUSE-2020-1856, 1787) for virt-bootstrap, addressing that the container root password could be supplied through a file. The patches fix the vulnerability by prev...

CVE-2019-13314

virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virtbootstrap.py...

Arbitrary File Deletion Vulnerability in FastAdmi

FastAdmin is a system backend development framework based on ThinkPHP and Bootstrap. FastAdmin system backend arbitrary file deletion vulnerability, an attacker can exploit the vulnerability to delete arbitrary files...

bootstrap: XSS in the data-target attribute

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...

bootstrap: XSS in the affix configuration target property

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hostin...

bootstrap: XSS in the tooltip data-viewport attribute

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...

bootstrap: XSS in the data-target attribute

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...

bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting...

bootstrap: XSS in the tooltip data-viewport attribute

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hosting W...

bootstrap: XSS in the tooltip or popover data-template attribute

A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired...

bootstrap: XSS in the affix configuration target property

A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim's Web browser within the security context of the hostin...