[SECURITY] Fedora 35 Update: pack-0.27.0-2.fc35

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

Apache SkyWalking Denial of Service Vulnerability

Apache SkyWalking is an application performance monitor from the Apache Foundation that is primarily used in environments such as microservices, cloud-native and container-based. A denial of service vulnerability exists in Apache SkyWalking NodeJS Agent prior to version 0.5.1, which stems from an...

Oracle Java SE Multiple Vulnerabilities (July 2022 CPU)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is affected by multiple vulnerabilities as referenced in the July 2022 CPU advisory: - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot...

This Week in Spring - July 19th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! This week Im trying to wind down some threads and take some vacation with my family. Its going to be an amazing time, indeed! But that doesnt stop the deluge of novelties and news in the wide world of Springdom, so weve got a...

Fedora: Security Advisory for golang-github-haproxytech-client-native (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: nats-server-2.1.9-6.fc35

A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation CNCF...

Fedora: Security Advisory for pack (FEDORA-2022-ba365d3703)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Regular Expression Denial of Service (ReDoS)

Overview react-native-reanimated is a More powerful alternative to Animated library for React Native. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS due to improper usage of regular expression in the parser of Colors.js. PoC js new...

@toggled-apps/react-native-collapsible-scroll (>=1.0.0 <=1.0.2), @toggled-apps/react-native-product-carousel (=1.0.3) +9 more potentially affected by CVE-2022-24373 via react-native-reanimated (>=2.0.0-rc.0 <=2.0.1)

react-native-reanimated NPM version =2.0.0-rc.0, =1.0.0, =1.0.0, =41.0.0, =41.0.0, =1.0.0, =1.1.0, =1.1.2 - ui-ux =0.0.1 Source cves: CVE-2022-24373 Source advisory: SNYK:JS-REACTNATIVEREANIMATED-2949507...

[SECURITY] Fedora 36 Update: pack-0.27.0~rc1-4.fc36

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

WithSecure Endpoint Protection 安全漏洞

WithSecure Endpoint Protection is a cloud-native, AI-powered endpoint protection from Finland's WithSecure. It can be deployed instantly from a browser and easily managed from a single console. WithSecure Endpoint Protection suffers from a security vulnerability that stems from the fact that an...

Fedora: Security Advisory for pack (FEDORA-2022-53e0f427dd)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: pack-0.27.0-1.fc36

pack is a CLI implementation of the Platform Interface Specification for Cloud Native Buildpacks...

Fedora: Security Advisory for golang-github-haproxytech-client-native (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for golang-github-j-keck-arping (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

This Week in Spring - July 5th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! This weeks all sorts of weird for me. Its Tuesday! But here in the US we just celebrated the 4th of July, and I, like many Americans, took a long weekend. Took some time with the family to do a little road trip up north to...

USN-5479-2 php7.0 vulnerabilities

USN-5479-1 fixed vulnerabilities in PHP. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Charles Fol discovered that PHP incorrectly handled initializing certain arrays when handling the pgqueryparams function. A remote attacker could use this issue...

php: password of excessive length triggers buffer overflow leading to RCE

A buffer overflow vulnerability was found in PHP when processing passwords in mysqlnd/pdo in mysqlndwireprotocol.c. When using the pdomysql extension with mysqlnd driver, if the third party is allowed to supply a MySQL database server password in the mysqlnd driver to the host for the connection,...

[SECURITY] Fedora 36 Update: nats-server-2.1.9-6.fc36

A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation CNCF...

react-native-url-preview (>=1.1.1 <=1.1.9), react-native-url-preview-tgp (=1.1.9) +1 more potentially affected by CVE-2022-25876 via link-preview-js (>=1.6.0 <=2.1.13)

link-preview-js NPM version =1.6.0, =1.1.1, =2.1.4, =2.2.0 Source cves: CVE-2022-25876 Source advisory: OSV:GHSA-H9CW-7G8J-H66H...