nodejs:22 security update

nodejs 1:22.15.0-1 - Update to 22.15.0 - Drop upstream patches Resolves: RHEL-87319 RHEL-86586 1:22.13.1-4 - Patch fix for sqlite CVE-2025-31498 Resolves: RHEL-87319 1:22.13.1-3 - Update c-ares to newest version with fix for CVE-2025-31498 Resolves: RHEL-86586 1:22.13.1-2 - Remove obsolete lua...

CVE-2021-1021

In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

✍️ Description Attacker is able to disable a user notification if a logged in user visits attacker website. 🕵️‍♂️ Proof of Concept 1. when you logged in open this POC.html in a browser 2. you can check your notification is disabled history.pushState'', '', '/' document.forms0.submit; 💥 Impact This...