
4067 matches found

Chainguard
added 2025/09/03 1:25 a.m. | 2 views

GHSA-CPQ7-6GPM-G9RC vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, opensearch-dashboards-fips...

5.8 AI score
Exploits: 0

Debian CVE
added 2025/09/03 12:0 a.m. | 5 views

CVE-2025-57052

cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters...

9.8 CVSS | 8.5 AI score | 0.00693 EPSS
Exploits: 1

UbuntuCve
added 2025/09/02 2:15 p.m. | 1 view

CVE-2025-9784

A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

7.5 CVSS | 5.8 AI score | 0.0217 EPSS
Exploits: 1 | References: 3

RedHat Linux
added 2025/09/02 5:7 a.m. | 3 views

postgresql: PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation

A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination...

5.9 CVSS | 7.4 AI score | 0.00612 EPSS
Exploits: 0 | References: 5

Wolfi
added 2025/08/30 2:47 p.m. | 2 views

GHSA-XWFJ-JGWM-7WP5 vulnerabilities

Vulnerabilities for packages: pgcat, wasmcloud, buck2, qdrant, py3-xet-core, wash, parseable, linkerd-network-validator, cargo-c, zizmor, cargo-audit, oranda, linkerd2, rustup, ruff, wadm, berg, ztunnel, shadowsocks-rust, pixi, topgrade, yazi, linkerd-extension-init, ntpd-rs, rust-analyzer,...

5.8 AI score
Exploits: 0

Wolfi
added 2025/08/30 2:47 p.m. | 3 views

GHSA-6FXP-P9MG-Q64W vulnerabilities

Vulnerabilities for packages: az, py3-knack...

5.8 AI score
Exploits: 0

CloudLinux
added 2025/08/29 4:13 p.m. | 9 views

php: Fix of 3 CVEs

- CVE-2025-1217: http stream wrapper: fix handling folded headers
- CVE-2025-1734: http stream wrapper: fix handling headers with invalid name and no colon
- CVE-2025-1861: fix http redirect location truncation...

9.8 CVSS | 7 AI score | 0.0079 EPSS
Exploits: 1

UbuntuCve
added 2025/08/29 12:0 a.m. | 1 view

CVE-2025-54080

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. An out-of-bounds read was found in Exiv2 versions 0.28.5 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An...

5.5 CVSS | 6.6 AI score | 0.00132 EPSS
Exploits: 0 | References: 3

RedHat Linux
added 2025/08/28 6:29 a.m. | 4 views

postgresql: PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation

A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination...

5.9 CVSS | 7.4 AI score | 0.00612 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2025/08/28 6:8 a.m. | 4 views

postgresql: PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation

A flaw was found in PostgreSQL. A buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can lead to process termination...

5.9 CVSS | 7.4 AI score | 0.00612 EPSS
Exploits: 0 | References: 5

Redos
added 2025/08/27 12:0 a.m. | 3 views

ROS-20250827-05

A vulnerability in the Perl programming language is related to generating cnonce insecurely. Exploiting the vulnerability could allow an attacker to compromise the target system...

6.5 CVSS | 7.2 AI score | 0.00394 EPSS
Exploits: 0

Redos
added 2025/08/27 12:0 a.m. | 4 views

ROS-20250827-01

A vulnerability in the ComposeQueryMallocExMm function in UriQuery.c of the Uriparser parser is related to an integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

5.9 CVSS | 7.3 AI score | 0.01316 EPSS
Exploits: 0

CBLMariner
added 2025/08/26 8:19 p.m. | 3 views

CVE-2025-6965 affecting package sqlite for versions less than 3.44.0-2

CVE-2025-6965 affecting package sqlite for versions less than 3.44.0-2. A patched version of the package is available...

7.7 CVSS | 7.2 AI score | 0.73495 EPSS
Exploits: 3

CBLMariner
added 2025/08/26 8:19 p.m. | 4 views

CVE-2025-8715 affecting package postgresql for versions less than 16.10-1

CVE-2025-8715 affecting package postgresql for versions less than 16.10-1. An upgraded version of the package is available that resolves this issue...

8.8 CVSS | 7.5 AI score | 0.00385 EPSS
Exploits: 0

Debian CVE
added 2025/08/26 6:51 p.m. | 6 views

CVE-2025-9478

Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8 CVSS | 8.4 AI score | 0.03583 EPSS
Exploits: 1

Debian CVE
added 2025/08/26 4:43 p.m. | 2 views

CVE-2025-55212

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon ":" to montage -geometry leads GetGeometry to set width/height to 0. Later, ThumbnailImage divides by these zer...

7.5 CVSS | 7.2 AI score | 0.00851 EPSS
Exploits: 1

Chainguard
added 2025/08/26 2:14 p.m. | 10 views

CVE-2025-54988 vulnerabilities

Vulnerabilities for packages: elasticsearch, elasticsearch-fips, opensearch...

9.8 CVSS | 7.4 AI score | 0.02962 EPSS
Exploits: 4

Oracle linux
added 2025/08/26 12:0 a.m. | 6 views

thunderbird security update

128.14.0-3.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 128.14.0 - Add OpenELA debranding 128.14.0-3 - Update to 128.14.0 build2 128.14.0-2 - Add missing translations 128.14.0-1 - Update to 128.14.0 build1...

9.8 CVSS | 7.2 AI score | 0.0053 EPSS
Exploits: 0

Redos
added 2025/08/26 12:0 a.m. | 6 views

ROS-20250826-05

A vulnerability in the DBI module of the Perl DBI database interface is related to improper assignment of permissions to a critical resource. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, as well as cause a denial of service...

6.1 CVSS | 7.3 AI score | 0.00488 EPSS
Exploits: 1

Debian CVE
added 2025/08/25 2:17 p.m. | 3 views

CVE-2025-52456

A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based...

8.8 CVSS | 6.4 AI score | 0.00636 EPSS
Exploits: 1