Lucene search
3143 matches found

Mageia
added 2020/12/29 11:57 a.m. | 55 views

Updated python3 packages fix security vulnerability

In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP (CVE-2020-27619)...

9.8 CVSS | 7.9 AI score | 0.08235 EPSS
Exploits 0 | References 2
OSV
added 2020/12/17 11:5 a.m. | 5 views

SUSE-SU-2020:3865-1 Security update for python36

This update for python36 fixes the following issues:
- CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen (bsc#1155094).
- CVE-2019-20916: Fixed a directory traversal in _download_http_url (bsc#1176262).
- CVE-2020-27619: Fixed an issue where the CJK codec tests call eval...

9.8 CVSS | 7.2 AI score | 0.08235 EPSS
Exploits 2 | References 11
IBM Security Bulletins
added 2020/12/15 5:43 p.m. | 37 views

Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by an Apache Commons Codec vulnerability

Summary: Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in Apache Commons Codec. Vulnerability Details: CVEID: CVE-2020-8201. DESCRIPTION: Node.js is vulnerable to HTTP request smuggling, caused by CR-to-Hyphen conversion. By sending specially...

7.8 CVSS | 1 AI score | 0.08794 EPSS
Exploits 0 | Affected Software 1
IBM Security Bulletins
added 2020/12/15 5:42 p.m. | 30 views

Security Bulletin: Netcool Operations Insight - Cloud Native Event Analytics is affected by an Apache Commons Codec vulnerability

Summary: Netcool Operations Insight - Cloud Native Event Analytics has addressed the following vulnerability in Apache Commons Codec. Vulnerability Details: CVEID: CVE-2020-8237. DESCRIPTION: Node.js json-bigint module is vulnerable to a denial of service, caused by a prototype pollution flaw. By...

9.8 CVSS | 1.1 AI score | 0.08794 EPSS
Exploits 3 | Affected Software 1
OSV
added 2020/12/15 4:15 p.m. | 2 views

CVE-2020-27035

In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

5.5 CVSS | 5.9 AI score | 0.00112 EPSS
Exploits 0 | References 1
NVD
added 2020/12/15 4:15 p.m. | 11 views

CVE-2020-27035

In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

5.5 CVSS | 6 AI score | 0.00112 EPSS
Exploits 0 | References 1
ATTACKERKB
added 2020/12/15 4:15 p.m. | 2 views

CVE-2020-27035

In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

5.5 CVSS | 5.6 AI score | 0.00112 EPSS
Exploits 0 | References 2
Prion
added 2020/12/15 4:15 p.m. | 15 views

Design/Logic Flaw

In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

2.1 CVSS | 5.8 AI score | 0.00112 EPSS
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2020/12/15 4:2 p.m. | 15 views

CVE-2020-27035

In priorLinearAllocation of C2AllocatorIon.cpp, there is a possible use-after-free due to improper locking. This could lead to local information disclosure in the media codec with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

6 AI score | 0.00112 EPSS
Exploits 0 | References 1
CVE
added 2020/12/15 4:2 p.m. | 41 views

CVE-2020-27035

CVE-2020-27035 : In Android’s media stack, specifically in priorLinearAllocation() of C2AllocatorIon.cpp, there is a possible use-after-free caused by improper locking. This can lead to local information disclosure in the media codec without additional execution privileges. Affected: Android-11. ...

5.5 CVSS | 5.8 AI score | 0.00112 EPSS
Exploits 0 | References 1 | Affected Software 1
OpenVAS
added 2020/12/15 12:0 a.m. | 27 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2020-2528)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS | 9.7 AI score | 0.08235 EPSS
Exploits 0 | References 2
IBM Security Bulletins
added 2020/12/14 2:48 p.m. | 31 views

Security Bulletin: IBP javaenv and dind images

Summary: Versions of IBP images javaenv and dind before 2.5.1 included a version of gradle that depended upon vulnerable Apache libraries. Gradle is a build system, intended to aid in building chaincode, though not required for building chaincode. Vulnerability Details: CVEID: CVE-2020-1953...

10 CVSS | 0.7 AI score | 0.06684 EPSS
Exploits 0 | Affected Software 1
Tenable Nessus
added 2020/12/14 12:0 a.m. | 38 views

EulerOS 2.0 SP8 : python2 (EulerOS-SA-2020-2527)

According to the version of the python2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. (CVE-2020-27619) Note that...

9.8 CVSS | 7.2 AI score | 0.08235 EPSS
Exploits 0 | References 2
IBM Security Bulletins
added 2020/12/11 7:23 p.m. | 10 views

Security Bulletin: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input.

Summary: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker could exploit this vulnerability using a method call to obtain sensitive information. Vulnerability Details: Third Party Entry: 177835. DESCRIPTION:...

1.9 AI score
Exploits 0 | Affected Software 1
IBM Security Bulletins
added 2020/12/09 4:41 a.m. | 8 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Commons Codec

Summary: IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache Commons Codec. Vulnerability Details: Third Party Entry: 177835. DESCRIPTION: Apache Commons Codec information disclosure. CVSS Base score: 7.5. CVSS Temporal Score: See:...

1.1 AI score
Exploits 0 | Affected Software 1
BDU FSTEC
added 2020/12/01 12:0 a.m. | 5 views

The vulnerability of the Windows Camera Codec Pack software on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Windows Camera Codec Pack software suite on Windows operating systems is related to object handling errors in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8 CVSS | 7.9 AI score | 0.03871 EPSS
Exploits 0 | References 4
OpenVAS
added 2020/12/01 12:0 a.m. | 26 views

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2020-2489)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS | 9.7 AI score | 0.08235 EPSS
Exploits 0 | References 2
CNNVD
added 2020/11/26 12:0 a.m. | 4 views

Zetetic SQLCipher resource management error vulnerability

Zetetic SQLCipher is a SQLite-based database from Zetetic USA. The database provides a SQLite-like access API while adding numerous security elements. A resource management error vulnerability exists in Zetetic SQLCipher versions 4.x through 4.4.1, which stems from sqlcipher_codec_pragma and...

7.5 CVSS | 7.2 AI score | 0.01572 EPSS
Exploits 0 | References 4
IBM Security Bulletins
added 2020/11/25 3:6 p.m. | 12 views

Security Bulletin: IBM Network Performance Insight is affected by Apache Commons Codec vulnerability

Summary: Security Bulletin: IBM Network Performance Insight is affected by Apache Commons Codec vulnerability. This vulnerability is resolved by updating the third party Apache Commons Codec in following hotfix. Vulnerability Details: Third Party Entry: 177835. DESCRIPTION: Apache Commons Codec...

0.7 AI score
Exploits 0 | Affected Software 1
BDU FSTEC
added 2020/11/24 12:0 a.m. | 2 views

The vulnerability of the AV1 Video Extension codec, related to improper code generation control, allows a perpetrator to execute arbitrary code.

The vulnerability of the AV1 Video Extension codec is related to incorrect code generation control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS | 7.7 AI score | 0.03411 EPSS
Exploits 0 | References 3