13 matches found
EUVD-2023-1030
Malicious code in bioql PyPI...
Fedora 36 : pcs (2023-5993ffa09a)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-5993ffa09a advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...
Fedora 38 : pcs (2023-4d546e6b4b)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-4d546e6b4b advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...
Fedora 37 : pcs (2023-cb2e422088)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-cb2e422088 advisory. - Fix displaying differences between configuration checkpoints in pcs config checkpoint diff command - Fix pcs stonith update-scsi-devices command which was...
Rocky Linux 9 : pcs (RLSA-2023:1591)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:1591 advisory. - Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a proper...
Oracle Linux 9 : pcs (ELSA-2023-12235)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12235 advisory. 0.11.3-4.el91.3 - Fixed a vulnerability in pcs-web-ui-node-modules - Resolves: rhbz2179900 Tenable has extracted the preceding description block directly from...
AlmaLinux 9 : pcs (ALSA-2023:1591)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:1591 advisory. - Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property...
RHEL 9 : pcs (RHSA-2023:1591)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1591 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: webpack: avoid cross-realm...
CVE-2023-28154
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...
CVE-2023-28154
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...
CVE-2023-28154
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...
CVE-2023-28154
Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object...
CVE-2023-28154
CVE-2023-28154 affects Webpack 5 before 5.76.0. ImportParserPlugin.js mishandles the magic comment feature, allowing an attacker who controls a property of an untrusted object to obtain access to the real global object (cross-realm object access). CVSS v3.1 base score 9.8 (CRITICAL). Remediation:...