Duplicate Advisory: Svix vulnerable to improper comparison of different-length signatures

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-747x-5m58-mq97. This link is maintained to preserve external references. Original Description The Webhook::verify function incorrectly compared signatures of different lengths - the two signatures would only be...

ruby: OpenSSL::X509:: Name equality check does not work correctly

An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one...

CVE-2014-9037

WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 might allow remote attackers to obtain access to an account idle since 2008 by leveraging an improper PHP dynamic type comparison for an MD5 hash...

Mandrake Linux Security Advisory : kernel (MDKSA-2005:219)

Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this update : An integer overflow in vcresize CVE-2004-1333. A race condition in the sysfsreadfile and sysfswritefile functions in 2.6.10 and earlier allows local users to read kernel memory and cause a DoS cra...