Mageia: Security Advisory (MGASA-2022-0487)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated python-ujson packages fix security vulnerability

Fixes len integer overflow issue. RHBZ2149975 Ultrajson doesn't build on webassembly e.g. pyodide because the version of double-conversion used is too old. This updates it to a newer version which supports webassembly...

new packages: inkscape-flatpak module

An update is available for libsigc++20, gc, poppler, inkscape, poppler-data, python-scour, libwpd, librevenge, libwpg, pangomm, python-lxml, potrace, gtkmm30, double-conversion, gtkspell3, python-appdirs, numpy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base...

new packages: double-conversion

An update is available for double-conversion. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

GitLab: Double linking cause XSS (but blokeced by CSP in gitlab.com)

Summary URL display on Gitlab.com is currently broken. There is a risk of XSS due to double conversion of URLs into links. However, 12.5 incorporating the fix has not yet been released and is blocked by CSP at gitlab.com. Steps to reproduce 1. Login to gitlab.com 2. Create new project 3. Create a...

UBUNTU-CVE-2016-1660

Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::doubleconversion::Vector classes, which allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted web site...

JDK Double.parseDouble Denial-Of-Service

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

JDK Double.parseDouble Denial-Of-Service

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

JDK Double.parseDouble Denial-Of-Service

The Double.parseDouble method in Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a...

PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS

Binary data 801108.prm...

PHP 5.2.x < 5.2.17 / 5.3.x < 5.3.5 String To Double Conversion DoS

Binary data 5740.prm...