Security update for php7 (moderate)

This update for php7 fixes the following issues: This security issue was fixed: - CVE-2018-17082: The Apache2 component in PHP allowed XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade was mishandled in the phphandler function bsc1108753 This non-security issu...

CentOS 7 : nss (CESA-2018:2768)

An update for nss is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CentOS 7 : 389-ds-base (CESA-2018:2757)

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

CentOS 7 : flatpak (CESA-2018:2766)

An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

RHEL 6 : firefox (RHSA-2018:2834)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2834 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

RHEL 7 : flatpak (RHSA-2018:2766)

An update for flatpak is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Oracle Linux 7 : flatpak (ELSA-2018-2766)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-2766 advisory. 0.8.8-4 - Add patch for CVE-2018-6560 1547376 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Moderate severity vulnerability that affects actionpack

Withdrawn, accidental duplicate publish. The httpbasicauthenticatewith method in actionpack/lib/actioncontroller/metal/httpauthentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and...

Duplicate Advisory: Moderate severity vulnerability that affects activemodel

Duplicate advisory This advisory has been withdrawn because it is a duplicate of GHSA-543v-gj2c-r3ch. This link is maintained to preserve external references. Original Description Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the...

Moderate severity vulnerability that affects actionpack

Withdrawn, accidental duplicate publish. Directory traversal vulnerability in actionpack/lib/actiondispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when servestaticassets is enabled, allows remo...

Mozilla Patches Critical Code Execution Bug in Firefox 62

Mozilla released nine fixes in its Wednesday launch of Firefox 62 for Windows, Mac and Android – including one for a critical glitch that could enable attackers to run arbitrary code. Overall, the latest version of the Firefox browser included fixes for the critical issue, three high-severity...

GHSA-5R76-CJF4-C9QX Moderate severity vulnerability that affects mayan-edms

An issue was discovered in Mayan EDMS before 3.0.2. The Cabinets app has XSS via a crafted cabinet label...

GHSA-FPCV-J2Q9-VQHW mayan-edms Cross-site Scripting vulnerability

An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.location directly, leading to XSS...

RHEL 7 : qemu-kvm-rhev (RHSA-2015:1931)

Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

RHEL 6 : Red Hat Single Sign-On 7.1 update on RHEL 6 (Moderate) (RHSA-2017:0872)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0872 advisory. Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-o...

RHEL 7 : samba (RHSA-2018:2613)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2613 advisory. Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol,...

RHEL 6 : Storage Server (RHSA-2018:2612) (deprecated)

Updated samba packages that fix several security issues and provide several bug fixes and an enhancement are now available for Red Hat Gluster Storage 3.4 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability...

RHEL 7 : qemu-kvm-rhev (RHSA-2016:1607)

An update for qemu-kvm-rhev is now available for RHEV-H and Agents for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 7 : Red Hat Single Sign-On 7.1 update on RHEL 7 (Moderate) (RHSA-2017:0873)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0873 advisory. Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-o...

RHEL 7 : Red Hat JBoss Enterprise Application Platform 6.4.15 update on RHEL 7 (Moderate) (RHSA-2017:1253)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:1253 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBos...