4310 matches found
acari-lib (>=0.1.1 <=0.1.8), agate (=1.1.0) +59 more potentially affected by unknown CVE via tree_magic (=0.2.3)
tree_magic CARGO version =0.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on tree_magic and may be impacted: - acari-lib =0.1.1, =1.2.0, =0.6.0, =0.1.0, =0.1.0, =1.1.0, =0.10.1, =0.1.0, =0.1.4 - fractal-matrix-api =4.0.0 and more Source cves: unknown...
PT-2023-36089 · Unknown · Tree Magic
Name of the Vulnerable Software and Affected Versions: tree_magic (affected versions not specified). Description: The tree_magic crate is unmaintained, and its GitHub repository has been archived by the author. Recommendations: At the moment, there is no information about a newer version that contai...
kernel-rt security and bug fix update
An update is available for kernel-rt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel-rt packages provide the Real Time Linux Kernel, which enables...
RLSA-2023:1469 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: tun: avoid double free in tun_free_netdev CVE-2022-4744; ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF CVE-2023-026...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
PT-2023-21863 · Comrak · Comrak
Name of the Vulnerable Software and Affected Versions: comrak versions prior to 0.17.0. Description: The issue arises when a Comrak AST is constructed manually and then converted to HTML, as the HTML formatting code assumes the AST is well-formed. This assumption can be violated if the AST contain...
A vulnerability in the Git distributed version control system, related to improper restriction of a pathname to a restricted directory, allows an attacker to overwrite any files in the system.
A vulnerability in the Git distributed version control system relates to the handling of input data: a path outside the working tree may be overwritten by a user who runs “git apply”. Exploiting this vulnerability allows an attacker to rewrite any files in the system at will...
ROS-20230322-03
A vulnerability in the Git program relates to the handling of input data: a path outside the working tree can be overwritten by a user running "git apply". Exploiting the vulnerability could allow an attacker acting remotely to run the affected command against a malicious or compromise...
EulerOS 2.0 SP10 : lxc (EulerOS-SA-2023-1557)
According to the versions of the lxc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected...
EulerOS 2.0 SP9 : lxc (EulerOS-SA-2023-1451)
According to the versions of the lxc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected...
kernel-rt security and bug fix update
An update is available for kernel-rt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel-rt packages provide the Real Time Linux Kernel, which enables...
Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: use-after-free caused by l2cap_reassemble_sdu in net/bluetooth/l2cap_core.c CVE-2022-3564; kernel: stack overflow in do_proc_dointvec an...
Updated git packages fix security vulnerability
Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links, the objects directory itself may still be a symbolic link. The...
Fedora: Security Advisory for golang-github-need-being-tree (FEDORA-2023-c9b2182a4e)
The remote host is missing an update for the Copyright (C) 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for golang-github-need-being-tree (FEDORA-2023-6550d9323b)
The remote host is missing an update for the
Fedora: Security Advisory for golang-github-need-being-tree (FEDORA-2023-4e2068ba5d)
The remote host is missing an update for the
Fedora 38 : golang-github-need-being-tree / golang-helm-3 / golang-oras / etc (2023-4e2068ba5d)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-4e2068ba5d advisory. Update helm to 3.11.1, resolving multiple security issues. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 36 : golang-github-need-being-tree / golang-helm-3 / golang-oras / etc (2023-6550d9323b)
The remote Fedora 36 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-6550d9323b advisory. Update helm to 3.11.1, resolving multiple security issues. Tenable has extracted the preceding description block directly from the Fedora security...
K15939: pl_tree.php XSS vulnerability CVE-2014-9342
Security Advisory Description: Cross-site scripting (XSS) vulnerability in the tree view (pl_tree.php) feature in Application Security Manager (ASM) in F5 BIG-IP 11.3.0 allows remote attackers to inject arbitrary web script or HTML by accessing a crafted URL during automatic policy generation...
K94041354: OpenSSL vulnerability CVE-2019-1552
Security Advisory Description: OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configurati...