RLSA-2022:7129 Moderate: git-lfs security and bug fix update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...
ALSA-2022:7129 Moderate: git-lfs security and bug fix update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...
Moderate: git-lfs security and bug fix update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension...
Chamilo LMS Code Issue Vulnerability
Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS version 1.11.16, which allows...
OPENSUSE-SU-2022:10140-1 Security update for lighttpd
This update for lighttpd fixes the following issues: lighttpd was updated to 1.4.67: Update comment about TCP_INFO on OpenBSD; [mod_ajp13] fix crash with bad response headers (fixes #3170); [core] handle RDHUP when collecting chunked body (CVE-2022-41556) (boo#1203872); [core] tweak streaming request body to backen...
Fedora: Security Advisory for git-lfs (FEDORA-2022-5ef0bd9a27)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] Fedora 36 Update: git-lfs-3.1.2-5.fc36
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server...
Fedora: Security Advisory for git-lfs (FEDORA-2022-ba365d3703)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Mattermost Resource Management Error Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. Mattermost 6.7.0 and earlier versions are vulnerable to a resource management error, which stems from the inability of the Slack import feature to properly limit the size of imported files, and can be exploited to import...
[SECURITY] Fedora 36 Update: git-lfs-3.1.2-4.fc36
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server...
Denial Of Service (DoS)
github.com/argoproj/argo-cd is vulnerable to denial of service (DoS) attacks. A remote authenticated attacker with permission to deploy applications from a repository which contains a large file is able to cause denial of service conditions due to an uncontrolled memory consumption bug...
GHSA-R2PG-W96P-PCPJ ws-xmlrpc DoS Vulnerability
The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes...
ws-xmlrpc DoS Vulnerability
The Content-Encoding HTTP header feature in ws-xmlrpc 3.1.3 as used in Apache Archiva allows remote attackers to cause a denial of service (resource consumption) by decompressing a large file containing zeroes...
Vulnerabilities fixed in Asterisk
Vulnerabilities have been fixed in Asterisk and Certified Asterisk. These vulnerabilities potentially allow a malicious party to perform an SQL injection attack, issue arbitrary requests, or download larger-than-allowed files. Asterisk has made updates available...
CVE-2022-27819
SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur, but there is a simple denial of service (memory exhaustion) upon an attempt to parse a large or infinite file such as a block or character device...
OPENSUSE-SU-2022:0774-1 Security update for tcpdump
This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files (bsc#1195825)...
GSD-2022-1000486 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.10 by commit...
GSD-2022-1000411 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...
GHSA-52VV-3VF7-F7WH Server-Side Request Forgery and Uncontrolled Resource Consumption in LemMinX
A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file...
SUSE-SU-2022:14890-1 Security update for tcpdump
This update for tcpdump fixes the following issues: - CVE-2018-16301: Fixed segfault when handling large files (bsc#1195825)...