[SECURITY] Fedora 37 Update: python-cryptography-37.0.2-5.fc37

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...

MAL-2023-8033 Malicious code in pagseguro-utils-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f7a3386fd85bb30de547429241a02add188cf0bcb06352f465f9a5f403408db6 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-7997 Malicious code in @pagseguro/ps-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 492467e28bf1b4fe156c5a01fadd9b075b419bc9dc92fb95a8048b523d16cbf0 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-7994 Malicious code in @pagseguro/axios-instance (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a465c79cb8dc5ed82a72b242444916efda5a4f4db9bdd4a28c24b6a7994d350b Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-8005 Malicious code in @pagseguro/psit (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f457656c2832e3e2ff9b65393c92d66d57185e7ea476dad7353464501b34d055 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-8006 Malicious code in @pagseguro/stylelint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a77a0e8f023eb828ca6897ba36220e030972b11f244c8f48c031c928e5342367 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-7998 Malicious code in @pagseguro/ps-cart-recovery (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d346211619464a6ebd3e0d7ec8ea2f1eea16c76edd0f48bab81b5640c0ee16b5 Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

Mozilla: Memory safety bugs fixed in Firefox ESR 102.8

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

MAL-2023-560 Malicious code in kuna-chart-header (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7b6783077178ab41482bc0e611e487453d9b0254e1e1ad5684b89472b002b2b4 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2023-448 Malicious code in flow-faucet (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0cff9be7c9c3ff28671b9dcf41cf2da25e5f96e860a1c0a8e6d0be715487071b Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

SUSE CVE-2017-4969

The Cloud Controller in Cloud Foundry cf-release versions prior to v255 allows authenticated developer users to exceed memory and disk quotas for tasks...

SUSE CVE-2020-26969

Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 83...

SUSE CVE-2022-29918

Mozilla developers Gabriele Svelto, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 99. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

CVE-2023-23931 Cipher.update_into can corrupt memory in pyca cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.updateinto would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

MAL-2023-745 Malicious code in reporter-app-dist (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 916108fdfabf947f1521341be09140cd10809b0529e3bce843731f7785bfb702 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

MAL-2023-8028 Malicious code in kaluza-careers (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7fc6bb8e84e2499d431b69a1efe08fbdc626b2801e898180833dde64c951c39e Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-251 Malicious code in digital-staticsite (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7cf28f9b3aee1deb96e037e6f68421b07112de0026dc8406174bfc2f416ccd3e Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...

Malicious code in kaluza-careers (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7fc6bb8e84e2499d431b69a1efe08fbdc626b2801e898180833dde64c951c39e Malicious packages campaign since 2021 targeting developers, steals source code and secrets...

MAL-2023-8038 Malicious code in test-npm-com-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx eb86ecfecc56220476e3c33bd4f86f95c17be6c7a9a7a3cdc9ca822205076380 Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ossf-package-analysis...

MAL-2023-757 Malicious code in samuelpoctester (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1f7b2e15c0c93b4a5ee61dc9bede38e31e95af4885247c9d4c30d4846d2d67ed Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...