Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: rust: cargo-1.95.0-5.hum1 aarch64, x8664 clippy-1.95.0-5.hum1 aarch64, x8664 rust-1.95.0-5.hum1 aarch64, x8664 rust-analyzer-1.95.0-5.hum1 aarch64, x8664 rust-debugger-common-1.95.0-5.hum1 noarch...

catbyte-toolkit

cb - Binary Analysis Toolkit for macOS/iOS Security Research...

Arbitrary Command Injection

Overview xcode-mcp-server is an An MCP server for Xcode integration, enabling AI assistants to interact with Xcode projects Affected versions of this package are vulnerable to Arbitrary Command Injection via the registerXcodeTools function in the runlldb component when processing the args argumen...

PT-2026-7010

Name of the Vulnerable Software and Affected Versions r-huijts xcode-mcp-server versions up to f3419f00117aa9949e326f78cc940166c88f18cb Description A command injection issue exists in the registerXcodeTools function within the src/tools/xcode/index.ts file of the run lldb component. Manipulation ...

About the security content of Xcode 26.1

About the security content of Xcode 26.1 This document describes the security content of Xcode 26.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of Xcode 26.1

About the security content of Xcode 26.1 This document describes the security content of Xcode 26.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVE-2024-31852 affecting package lldb for versions less than 18.1.2-2

CVE-2024-31852 affecting package lldb for versions less than 18.1.2-2. A patched version of the package is available...

llvm-toolset:rhel8 bug fix and enhancement update

An update is available for llvm-compat, lld, compiler-rt, module.lld, lldb, python-lit, module.python-lit, module.lldb, llvm, libomp, module.compiler-rt, clang, module.libomp, module.llvm-compat, module.llvm, module.clang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System...

llvm-toolset:rhel8 bug fix and enhancement update

An update is available for lld, compiler-rt, module.lld, lldb, python-lit, module.python-lit, module.lldb, llvm, libomp, module.compiler-rt, clang, module.libomp, module.llvm, module.clang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a...

Malicious code in lldb-dap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b30b65734b0a9961a35218b38d14cb5fc920ed076b3121fbab31e41262d4693 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-2628 Malicious code in lldb-dap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1b30b65734b0a9961a35218b38d14cb5fc920ed076b3121fbab31e41262d4693 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AZL-39728 CVE-2024-31852 affecting package lldb for versions less than 18.1.2-2

LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack, and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we...

llvm-toolset:rhel8 bug fix and enhancement update

An update is available for module.libomp, module.llvm, clang, libomp, llvm, module.clang, module.compiler-rt, compiler-rt, python-lit, module.lld, module.lldb, module.python-lit, lldb, lld. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a...

Fedora 39 : clang / compiler-rt / flang / libclc / libcxx / libomp / lld / lldb / etc (2023-67f0f8d186)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-67f0f8d186 advisory. Update to LLVM 17.0.2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora: Security Advisory for lldb (FEDORA-2023-67f0f8d186)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

dotnet7.0 security, bug fix, and enhancement update

7.0.100-0.5.rc2.0.1 - Set TargetRid based on os release major version, add OL arm64 RuntimeIdentifier Orabug: 34671152 7.0.100-0.5.rc2 - Add lldb as a build dependency - Related: RHBZ2134641 7.0.100-0.4.rc2 - Enable ppc64le builds - Related: RHBZ2134641 7.0.100-0.3.rc2 - Update to .NET 7 RC 2 -...

llvm-toolset bug fix and enhancement update

An update is available for llvm-toolset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux...

Malicious Package

Overview lldb-vscode is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Malicious code in lldb-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe9916629b31632e8891a1ad6e398d0a3159ec2c1ba97501fbe7f68b29e77f3d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4330 Malicious code in lldb-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe9916629b31632e8891a1ad6e398d0a3159ec2c1ba97501fbe7f68b29e77f3d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...