Fedora: Security Advisory for golang-github-pquerna-ffjson (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-tinylib-msgp-1.1.5-6.fc36

This is a code generation tool and serialization library for MessagePack...

[SECURITY] Fedora 36 Update: golang-github-pquerna-ffjson-0-0.10.20200730gitaa0246c.fc36

Ffjson generates static MarshalJSON and UnmarshalJSON functions for structures in Go. The generated functions reduce the reliance upon runtime reflection to do serialization and are generally 2 to 3 times faster. In cases where ffjson doesn't understand a Type involved, it falls back to...

[SECURITY] Fedora 36 Update: golang-github-googleapis-gnostic-0.5.3-7.fc36

This package contains a Go command line tool which converts JSON and YAML OpenAPI descriptions to and from equivalent Protocol Buffer representations. Protocol Buffers provide a language-neutral, platform-neutral, extensible mechanism for serializing structured data. gnostic's Protocol Buffer...

Open-Xchange OX App Suite 操作系统命令注入漏洞

Open-Xchange OX App Suite is an email and productivity suite client software from Open-Xchange Germany. An operating system command injection vulnerability exists in Open-Xchange OX App Suite versions 7.10.6 and below, which stems from a compatibility layer of the documentconverter API that can b...

Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to a denial server due to its use of Google's Gson

Summary GSON is used by several components in IBM Cloud Pak for Multicloud Management Monitoring to serialize/deserialize data. Vulnerability Details IBM X-Force ID: 217225 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the...

Amazon Linux 2 : java-1.8.0-openjdk (ALAS-2022-1821)

The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.332.b09-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1821 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

CVE-2022-2437

The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to deserialization of untrusted input via the 'ftsurl' parameter in versions up to, and including 2.9.8.5. This makes it possible for unauthenticated attackers to call files using a PHAR wrapper that will...

Fedora: Security Advisory for golang-github-tinylib-msgp (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for golang-github-pquerna-ffjson (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-github-tinylib-msgp-1.1.5-5.fc35

This is a code generation tool and serialization library for MessagePack...

[SECURITY] Fedora 35 Update: golang-github-pquerna-ffjson-0-0.9.20200730gitaa0246c.fc35

Ffjson generates static MarshalJSON and UnmarshalJSON functions for structures in Go. The generated functions reduce the reliance upon runtime reflection to do serialization and are generally 2 to 3 times faster. In cases where ffjson doesn't understand a Type involved, it falls back to...

[SECURITY] Fedora 35 Update: golang-github-gogo-protobuf-1.3.2-5.fc35

Gogoprotobuf is a fork of golang/protobuf with extra code generation features. This code generation is used to achieve: - fast marshalling and unmarshalling - more canonical Go structures - goprotobuf compatibility - less typing by optionally generating extra helper code - peace of mind by...

BSA-2022-1736

Security Advisory ID : BSA-2022-1736 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle...

BSA-2022-1730

Security Advisory ID : BSA-2022-1730 Component : Oracle Java SE Revision : 1.0 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle...

Security Bulletin: A security vulnerability has been identified in jackson-databind shipped with IBM Tivoli Netcool Impact (CVE-2020-36518, WS-2021-0616)

Summary jackson-databind is shipped with IBM Tivoli Netcool Impact. Information about a security vulnerability affecting jackson-databind has been published in a security bulletin. Vulnerability Details CVEID: CVE-2020-36518 DESCRIPTION: FasterXML jackson-databind is vulnerable to a denial of...

CVE-2022-2309 NULL Pointer Dereference in lxml/lxml

NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...

[SECURITY] Fedora 36 Update: golang-github-pquerna-ffjson-0-0.9.20200730gitaa0246c.fc36

Ffjson generates static MarshalJSON and UnmarshalJSON functions for structures in Go. The generated functions reduce the reliance upon runtime reflection to do serialization and are generally 2 to 3 times faster. In cases where ffjson doesn't understand a Type involved, it falls back to...

[SECURITY] Fedora 36 Update: golang-github-googleapis-gnostic-0.5.3-6.fc36

This package contains a Go command line tool which converts JSON and YAML OpenAPI descriptions to and from equivalent Protocol Buffer representations. Protocol Buffers provide a language-neutral, platform-neutral, extensible mechanism for serializing structured data. gnostic's Protocol Buffer...