769 matches found
Security update for orc
This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
SUSE-SU-2025:20060-1 Security update for orc
This update for orc fixes the following issues: - CVE-2024-40897: Fixed a stack-based buffer overflow when formatting error messages bsc1228184...
Security update for orc
This update for orc fixes the following issues: CVE-2024-40897: Fixed a stack-based buffer overflow when formatting error messages bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...
The vulnerability of the CleanNode() function in the gdoc.c component of the HTML formatting tool allows a hacker to trigger a service failure.
The vulnerability of the CleanNode function in the gdoc.c component of the HTML formatting tool Tidy is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...
Security update for orc
This update for orc fixes the following issues: CVE-2024-40897: Fixed stack-based buffer overflow in the Orc compiler when formatting error messages for certain input files bsc1228184 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
USN-7244-1: Jinja2 vulnerabilities
It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-56201 It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...
USN-7244-1 jinja2 vulnerabilities
It was discovered that Jinja2 incorrectly handled certain filenames when compiling template content. An attacker could possibly use this issue to execute arbitrary code. CVE-2024-56201 It was discovered that Jinja2 incorrectly handled string formatting calls. An attacker could possibly use this...
CLSA-2025-1737153872 vim: Fix of CVE-2023-0433
CVE-2023-0433: check for not going over the end of the line to fix reading past the end of a line when formatting text...
firefox: thunderbird: Use-after-free when breaking lines in text
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash...
Amazon Linux 2 : libxml2 (ALAS-2024-2717)
The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2717 advisory. An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...
kernel: s390/dasd: fix error recovery leading to data corruption on ESE devices
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices Extent Space Efficient ESE or thin provisioned volumes need to be formatted on demand during usual IO processing. The dasdeseneedsformat function checks for...
Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2024-783)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-783 advisory. An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in...
Backdrop CMS 安全漏洞
Backdrop CMS is a content management system CMS from Backdrop CMS open source. A security vulnerability exists in Backdrop CMS version 1.28.X prior to 1.28.4 and version 1.29.X prior to 1.29.2, which stems from a text formatting that allows the use of SVG markup, which makes it vulnerable to...
Zabbix 格式化字符串错误漏洞
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A Formatting String Error vulnerability exists in Zabbix versions 6.0.0 through 6.0.33, 6.4.0 through 6.4.18, and 7.0.0 through 7.0.3,...
This Week in Spring - November 19th, 2024
Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...
K000148401: libxml2 vulnerability CVE-2024-34459
Security Advisory Description An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. CVE-2024-34459 Impact There is no impact; F5 products ar...
EulerOS Virtualization 2.12.1 : libxml2 (EulerOS-SA-2024-2755)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...
EulerOS Virtualization 2.12.0 : libxml2 (EulerOS-SA-2024-2773)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...
Zend Server 格式化字符串错误漏洞
Zend Server is a complete and certified PHP distribution stack from Zend USA. A security vulnerability exists in Zend Server that stems from the inclusion of a formatting string injection issue...
OESA-2024-2243 fop security update
FOP Formatting Objects Processor is a print formatter driven by XSL formatting objects XSL-FO and an output independent formatter. It is a Java application that reads a formatting object FO tree and renders the resulting pages to a specified output. Output formats currently supported include PDF,...