Cleartext Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the form of all state directory files, including the WireGuard private key file, being included in archives by default. The runTool function does not remove this file before archiving. Using...

TencentOS Server 4: netplan (TSSA-2024:0909)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0909 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Improper Restriction of Communication Channel to Intended Endpoints

Overview Affected versions of this package are vulnerable to Improper Restriction of Communication Channel to Intended Endpoints in the custom netstack implementation. An attacker can access internal services or execute unauthorized actions by recovering a Wireguard private key from a process dum...

EUVD-2022-53922

Malicious code in bioql PyPI...

AZL-51964 CVE-2022-4968 affecting package netplan for versions less than 0.95-3

netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected...

netplan Security Vulnerabilities

netplan is a utility program from the netplan team for easy network configuration on Linux systems. A security vulnerability exists in Netplan 1.0 and earlier versions, which stems from disclosing the private key of wireguard to local users...