EUVD-2019-17905

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-8515

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-origin issue existed with the fetch API. This was addressed with improved input validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1,...

GHSA-F27P-CMV8-XHM6 fetch: Authorization headers not dropped when redirecting cross-origin

Summary When you send a request with the Authorization header to one domain, and the response asks to redirect to a different domain, Deno'sfetch redirect handling creates a follow-up redirect request that keeps the original Authorization header, leaking its content to that second domain. Details...

MGASA-2018-0202 Updated firefox packages fix security vulnerability

Memory safety bugs fixed in Firefox ESR 52.7 CVE-2018-5125. Buffer overflow manipulating SVG animatedPathSegList CVE-2018-5127. Out-of-bounds write with malformed IPC messages CVE-2018-5129. Mismatched RTP payload type can trigger memory corruption CVE-2018-5130. Fetch API improperly returns cach...