9137 matches found
OSV, added 2025/02/20 10:18 p.m., 8 views

GHSA-PP9M-QF39-HXJC S3-Proxy allows Reflected Cross-site Scripting (XSS) in template implementation

Summary: A Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This can lead to session hijacking or phishing attacks on a trusted domain, posing a high risk to all users. Details: Give all details ...

CVSS 8.4, AI score 5.7, EPSS 0.00459. Exploits: 1, References: 6
Debian, added 2025/02/20 7:44 p.m., 8 views

[SECURITY] [DLA 4060-1] djoser security update

Debian LTS Advisory DLA-4060-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson February 20, 2025 https://wiki.debian.org/LTS Package : djoser Version : 2.1.0-1+deb11u1 CVE ID : CVE-2024-21543 Debian Bug : 1089915 djoser is a REST implementation of Django...

CVSS 7.1, AI score 7, EPSS 0.00547. Exploits: 0
The Hacker News, added 2025/02/20 11:21 a.m., 18 views

PCI DSS 4.0 Mandates DMARC By 31st March 2025

The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments: by March 31, 2025, DMARC implementation will be mandatory. This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing i...

AI score 7.4. Exploits: 0
F5 Networks, added 2025/02/20 2:00 a.m., 16 views

K000149883: PSR-7 header validation vulnerability CVE-2023-30536

Security Advisory Description: slim/psr7 is a PSR-7 implementation for use with Slim 4. In versions prior to 1.6.1 an attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many servers in the...

CVSS 6.5, AI score 6.7, EPSS 0.00743. Exploits: 0
Microsoft CVE, added 2025/02/20 12:00 a.m., 3 views

DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

...

CVSS 7.5, AI score 7.6, EPSS 0.15664. Exploits: 0
RedHat Linux, added 2025/02/19 2:26 p.m., 10 views

Important: Red Hat Security Advisory: bind9.16 security update

An update for bind9.16 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...

CVSS 7.5, AI score 6.8, EPSS 0.14257. Exploits: 0, References: 2
RedHat Linux, added 2025/02/17 1:31 a.m., 17 views

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 8.1, AI score 6.8, EPSS 0.00257. Exploits: 0, References: 2
AlmaLinux, added 2025/02/17 12:00 a.m., 27 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in xmlXIncludeAddNode (CVE-2022-49043). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CVSS 8.1, AI score 6.8, EPSS 0.00257. Exploits: 0, References: 4
OSV, added 2025/02/17 12:00 a.m., 13 views

ALSA-2025:1517 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in xmlXIncludeAddNode (CVE-2022-49043). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

CVSS 8.1, AI score 8.1, EPSS 0.00257. Exploits: 0, References: 4
CVE, added 2025/02/14 4:53 a.m., 59 views

CVE-2024-2240

CVE-2024-2240 refers to the Brocade SANnav Docker implementation missing audit rules. Connected advisories confirm that SANnav deployments prior to SANnav 2.3.1b run dockerd without auditing, enabling a remote authenticated attacker to perform various attacks. The published Red Hat/Broadcom SANna...

CVSS 8.6, AI score 6.5, EPSS 0.00466. Exploits: 0, References: 1, Affected Software: 1
CNNVD, added 2025/02/14 12:00 a.m., 6 views

CPython security vulnerability

CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from the default use of user-writable file paths on Windows platforms, which could lead to memory errors or file type misclassification...

CVSS 2.3, AI score 5.2, EPSS 0.00478. Exploits: 0, References: 3
Vulnrichment, added 2025/02/13 3:20 p.m., 10 views

CVE-2025-24903 libsignal-service-rs Doesn't Check Origin of Sync Messages

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...

CVSS 8.5, AI score 6.8, EPSS 0.00171. Exploits: 0, References: 2
Fedora, added 2025/02/13 2:02 a.m., 10 views

[SECURITY] Fedora 40 Update: fido-device-onboard-0.5.0-2.fc40

A Rust implementation of the FIDO Device Onboard Specification...

AI score 7.3. Exploits: 0
NVD, added 2025/02/12 2:15 p.m., 7 views

CVE-2025-21694

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in readvmcore (part 2). Since commit 5cbcb62dddf5 "fs/proc: fix softlockup in readvmcore" the number of softlockups in readvmcore at kdump time have gone down, but they still happen sometimes. In a memory...

CVSS 5.5, EPSS 0.00216. Exploits: 0, References: 12
Tenable Nessus, added 2025/02/10 12:00 a.m., 8 views

Azure Linux 3.0 Security Update: coredns (CVE-2024-22189)

The version of coredns installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22189 advisory. - quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its...

CVSS 7.5, AI score 7.5, EPSS 0.011. Exploits: 0, References: 2
Fedora, added 2025/02/08 2:18 a.m., 11 views

[SECURITY] Fedora 41 Update: fido-device-onboard-0.5.1-2.fc41

A Rust implementation of the FIDO Device Onboard Specification...

AI score 7.3. Exploits: 0
Github Security Blog, added 2025/02/06 8:00 p.m., 33 views

vLLM uses Python 3.12 built-in hash() which leads to predictable hash collisions in prefix cache

Summary: Maliciously constructed prompts can lead to hash collisions, resulting in prefix cache reuse, which can interfere with subsequent responses and cause unintended behavior. Details: vLLM's prefix caching makes use of Python's built-in hash function. As of Python 3.12, the behavior of hashNon...

CVSS 2.6, AI score 3.3, EPSS 0.00176. Exploits: 0, References: 8, Affected Software: 1
RedhatCVE, added 2025/02/06 4:46 a.m., 7 views

CVE-2021-37650

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for tf.rawops.ExperimentalDatasetToTFRecord and tf.rawops.DatasetToTFRecord can trigger heap buffer overflow and segmentation fault. The implementation assumes that all records in the...

CVSS 7.8, AI score 7.2, EPSS 0.00182. Exploits: 0, References: 1
RedhatCVE, added 2025/02/06 4:43 a.m., 9 views

CVE-2021-37665

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap...

CVSS 7.8, AI score 6.7, EPSS 0.00185. Exploits: 0, References: 1
RedhatCVE, added 2025/02/06 2:32 a.m., 4 views

CVE-2025-24802

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floor(num_routed_wires / 3), always include the (0, 0) input-output pair. Thus a malicious prover can always prove that f(0) = 0 for any lookup table f unless its length happens ...

CVSS 8.6, AI score 6.5, EPSS 0.00296. Exploits: 0, References: 1