One newsletter to rule them all

Welcome to this week's edition of the Threat Source newsletter. " It's a dangerous business, going out your door. You step onto the road, and if you don't keep your feet, there's no knowing where you might be swept off to." -- Bilbo Baggins It's almost the end of the year, which feels like the...

EUVD-2023-27070

Malicious code in bioql PyPI...

OPENSUSE-SU-2024:13770-1 Bottles-51.11-1.1 on GA media

These are all security issues fixed in the Bottles-51.11-1.1 package on the GA media of openSUSE Tumbleweed...

Fedora: Security Advisory for bottles (FEDORA-2023-328397d034)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for bottles (FEDORA-2023-cc571303eb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: bottles-51.6-1.fc37

Easily manage Wine prefix in a new way! Run Windows software and games on Linux. Features: Create bottles based on environments a set of rule and dependencies for better software compatibility Access to a customizable environment for all your experiments Run every executable .exe/.msi in your...

Fedora 37 : bottles / python-vkbasalt-cli (2023-328397d034)

The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-328397d034 advisory. Update bottles to 51.6 and release final dependency vkbasalt-cli Tenable has extracted the preceding description block directly from the Fedora...

Fedora 38 : bottles / python-vkbasalt-cli (2023-cc571303eb)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-cc571303eb advisory. Update bottles to 51.6 and release final dependency vkbasalt-cli Tenable has extracted the preceding description block directly from the Fedora...

CVE-2023-22970

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file...

CVE-2023-22970

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file...

CVE-2023-22970

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file...

Remote code execution

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file...

PT-2023-18804 · Bottle · Bottle

Name of the Vulnerable Software and Affected Versions: Bottles versions prior to 51.0 Description: The issue is related to the mishandling of YAML load, which can be exploited for remote code execution via a crafted file. Recommendations: For versions prior to 51.0, update to version 51.0 or late...

CVE-2023-22970

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file...

CVE-2023-22970

Bottles before 51.0 mishandles YAML load, which allows remote code execution via a crafted file...

CVE-2023-22970

CVE-2023-22970 – Bottles : A YAML loader handling issue in Bottles

Unfixed Script Insertion vulnerability at www.99-bottles-of-beer.net

Security researcher AppleJax, has submitted on 12/07/2008 a Script Insertion vulnerability affecting www.99-bottles-of-beer.net, which at the time of submission ranked 419269 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/07/2008. It is...