Lucene search
K

9 matches found

OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.12 views

openSUSE: Security Advisory for liferea (openSUSE-SU-2023:0096-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.8AI score0.02385EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/28 12:0 a.m.16 views

openSUSE 15 Security Update : liferea (openSUSE-SU-2023:0096-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0096-1 advisory. - A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function updatejobrun of the file src/update.c of th...

9.8CVSS6.3AI score0.02385EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2023-0103)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02385EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.14 views

Fedora 36 : liferea (2023-f0ee64e7ec)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f0ee64e7ec advisory. Security fix for CVE-2023-1350 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

9.8CVSS7AI score0.02385EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/23 12:0 a.m.22 views

Fedora 37 : liferea (2023-1ba7a77530)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1ba7a77530 advisory. Security fix for CVE-2023-1350 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

9.8CVSS7AI score0.02385EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.14 views

Fedora 38 : liferea (2023-5a91738e22)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5a91738e22 advisory. Security fix for CVE-2023-1350 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

9.8CVSS7AI score0.02385EPSS
Exploits0References2
Mageia
Mageia
added 2023/03/18 10:16 p.m.29 views

Updated liferea packages fix security vulnerability

Remote code execution on feed enrichment. If "Extract full content from HTML5 and Google AMP" has been enabled for one or more feed subscriptions it is possible for a an attacker to inject a script command that runs with user priveleges. CVE-2023-1350...

9.8CVSS9.6AI score0.02385EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/03/11 9:15 a.m.16 views

CVE-2023-1350

A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function updatejobrun of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date /tmp/bad-item-link.txt leads to os command injection. Th...

9.8CVSS6.2AI score0.02385EPSS
Exploits0References2
CVE
CVE
added 2023/03/11 8:20 a.m.62 views

CVE-2023-1350

CVE-2023-1350 affects Liferea’s update_job_run (src/update.c, Feed Enrichment). The input source parameter can be manipulated to execute OS commands (remote, no user interaction). Documents consistently state this leads to remote code execution and that a patch exists; Gentoo/GLSA and OpenSUSE/SU...

9.8CVSS8.2AI score0.02385EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder