[SECURITY] Fedora 36 Update: python-ujson-5.3.0-1.fc36

UltraJSON is an ultra fast JSON encoder and decoder written in pure C with bindings for Python...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29211 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29211 Source advisory: OSV:GHSA-XRP2-FHQ4-4Q3W...

Integer overflow in BCrypt class in Spring Security

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor 31, the encoder does not perform any salt rounds, due to an integer overflow error. The default...

CVE-2022-22976

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor 31, the encoder does not perform any salt rounds, due to an integer overflow error. The default...

CVE-2022-22976

CVE-2022-22976 affects Spring Security: when using BCrypt with maximum work factor (31), the encoder skips salt rounds due to an integer overflow. Affected: Spring Security 5.5.x before 5.5.7 and 5.6.x before 5.6.4 (plus unsupported earlier versions). Default settings are not affected. Remediatio...

CVE-2022-22976

A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum work factor 31 due to an integer overflow error...

new packages: owasp-java-encoder

An update is available for owasp-java-encoder. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

Apple TV 缓冲区错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...

Apple TV 缓冲区错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...

Apple TV 缓冲区错误漏洞

Apple TV 4K and Apple TV HD are both products of Apple Inc.Apple TV 4K is a smart set-top box. The Apple TV 4K is a smart set-top box used to launch 4K Hdr images.Apple TV HD is a high-definition television set-top box product.... A buffer error vulnerability exists in Apple TV 4K, Apple TV 4K 2n...

CVE-2022-29978

There is a floating point exception error in sixelencoderdoresize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...

DEBIAN-CVE-2022-29978

There is a floating point exception error in sixelencoderdoresize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...

UBUNTU-CVE-2022-29978

There is a floating point exception error in sixelencoderdoresize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted JPEG file...

libsixel 安全漏洞

libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. libsixel img2sixel version 1.8.6 suffers from a denial of service vulnerability stemming from a floating-point exception error in ssixelencoderdoresize, encoder.c:633. A remo...

Fedora: Security Advisory for golang-github-francoispqt-gojay (FEDORA-2022-08ae2dd481)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-francoispqt-gojay-1.2.13-6.fc36

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

[SECURITY] Fedora 36 Update: python-ujson-5.2.0-1.fc36

UltraJSON is an ultra fast JSON encoder and decoder written in pure C with bindings for Python...

Fedora: Security Advisory for golang-github-francoispqt-gojay (FEDORA-2022-5cbd6de569)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: golang-github-francoispqt-gojay-1.2.13-6.fc34

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

[SECURITY] Fedora 35 Update: golang-github-francoispqt-gojay-1.2.13-6.fc35

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...