Fedora 42 : composer (2026-13b4dbe546)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-13b4dbe546 advisory. Version 2.9.3 - 2025-12-30 Security: Fixed ANSI sequence injection GHSA-59pp-r3rg-353g / CVE-2025-67746 Fixed COMPOSERNOSECURITYBLOCKING env var not being...

CVE-2018-12434

LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical ho...

EUVD-2018-20577

Malware in sbrugna...

EUVD-2015-5303

Malware in sbrugna...

EUVD-2018-4405

Malware in sbrugna...

EUVD-2017-17262

Malware in sbrugna...

EUVD-2015-5304

Malware in sbrugna...

EUVD-2019-11498

Malware in sbrugna...

EUVD-2019-11499

Malware in sbrugna...

EUVD-2014-9245

Malware in sbrugna...

EUVD-2023-39781

Malicious code in bioql PyPI...

EUVD-2021-28595

Malicious code in bioql PyPI...

EUVD-2021-33530

Malicious code in bioql PyPI...

EUVD-2022-51133

Malicious code in bioql PyPI...

LibreSSL -- overwrite and -read vulnerability

The LibreSSL project reports: An incorrect length check can result in a 4-byte overwrite and an 8-byte overread...

FreeBSD : LibreSSL -- overwrite and -read vulnerability (699ef80f-9e91-11f0-bc5f-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 699ef80f-9e91-11f0-bc5f-8447094a420f advisory. The LibreSSL project reports: An incorrect length check can result in a 4-byte overwrite and an 8-byte...

CVE-2022-48437

An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...

CVE-2021-41581

x509constraintsparsemailbox in lib/libcrypto/x509/x509constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAINPARTMAXLEN, the buffer lacks '\0' termination...

CVE-2019-25048

LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in doprintex called from asn1itemprintctx and ASN1itemprint...

CVE-2019-25049

LibreSSL 2.9.1 through 3.2.1 has an out-of-bounds read in asn1itemprintctx called from asn1templateprintctx...