[SECURITY] Fedora 39 Update: rust-bat-0.24.0-3.fc39

A cat1 clone with wings...

CVE-2023-52160

A flaw was found in wpasupplicant's implementation of PEAP. This issue may allow an attacker to skip the second phase of authentication when the target device has not been properly configured to verify the authentication server. By skipping the second phase of authentication, it’s easier for an...

jgit: arbitrary file overwrite

Arbitrary File Overwrite in Eclipse JGit = 6.6.0 In Eclipse JGit, all versions = 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive...

jgit: arbitrary file overwrite

Arbitrary File Overwrite in Eclipse JGit = 6.6.0 In Eclipse JGit, all versions = 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive...

CVE-2023-7204

The WP STAGING WordPress Backup plugin before 3.2.0 allows access to cache files during the cloning process which provides...

Antisquat - Leverages AI Techniques Such As NLP, ChatGPT And More To Empower Detection Of Typosquatting And Phishing Domains

AntiSquat leverages AI techniques such as natural language processing NLP, large language models ChatGPT and more to empower detection of typosquatting and phishing domains. How to use Clone the project via git clone https://github.com/redhuntlabs/antisquat. Install all dependencies by typing pip...

git: data exfiltration with maliciously crafted repository

A vulnerability was found in Git. Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GITDIR/objects directory contains symbolic links CVE-2022-39253, the objects...

Hreflang Manager < 1.07 - Cross-Site Request Forgery

Description The plugin is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.06. This is due to missing nonce validation in the /admin/view/connections.php file. This makes it possible for unauthenticated attackers to modify, delete, and clone connections via a forge...

AZL-33891 CVE-2023-49569 affecting package packer for versions less than 1.9.5-3

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

DEBIAN-CVE-2023-49569

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

UBUNTU-CVE-2023-49569

A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows an attacker to create and amend files across the filesystem. In the worse case scenario, remote code execution could be achieved. Applications are only affected if they are using the ChrootO...

CVE-2023-6750

The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup informations, which is stored at a publicly accessible, statically defined file path...

CVE-2023-6750

The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup informations, which is stored at a publicly accessible, statically defined file path...

Path traversal

The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup informations, which is stored at a publicly accessible, statically defined file path...

CVE-2023-6750 Clone < 2.4.3 - Unauthenticated Backup Download

The Clone WordPress plugin before 2.4.3 uses buffer files to store in-progress backup informations, which is stored at a publicly accessible, statically defined file path...

WordPress Plugin Clone Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

GitLab < 15.6.8 (CRITICAL-SECURITY-RELEASE-GITLAB-15-8-2-RELEASED)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git...

WordPress Clone Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure

Software Clone Type Plugin Vulnerable versions = 2.4.2 Fixed in 2.4.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6750 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 53f7fdbe82a9 Credits Dmitrii Ignatyev Required privilege...

PT-2023-32756

Name of the Vulnerable Software and Affected Versions Clone WordPress plugin versions prior to 2.4.3 Description The Clone WordPress plugin uses buffer files to store in-progress backup information at a publicly accessible, statically defined file path. This issue potentially affects 90,000 sites...

Important: Red Hat Security Advisory: OpenShift Virtualization 4.14.1 security and bug fix update

Red Hat OpenShift Virtualization release 4.14.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which...