Advisory ROSA-SA-2025-2768

Software: python-jinja2 2.10.1 OS: ROSA Virtualization 3.0 packageevrstring: python-jinja2-2.10.1-6.rv30 CVE-ID: CVE-2024-56326 BDU-ID: 2025-00113 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the str.format method of the html template tool jinja is related to a failure to neutralize special...

Fedora 40 : chromium (2024-4d80983af6)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4d80983af6 advisory. Update to 130.0.6723.58 High CVE-2024-9954: Use after free in AI Medium CVE-2024-9955: Use after free in Web Authentication Medium CVE-2024-9956:...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 126 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 126.0.6478.54 Linux 126.0.6478.56/57 Windows, Mac contains a number of fixes and improvements -- a list of changes is...

nodejs:18 security update

nodejs 1:18.19.1-1 - Rebase to version 18.19.1 - Fixes: CVE-2024-21892 CVE-2024-22019 high - Fixes: CVE-2023-46809 medium nodejs-nodemon nodejs-packaging...

WordPress WP BugBot Plugin <= 1.8.0 is vulnerable to Cross Site Scripting (XSS)

Software WP BugBot Type Plugin Vulnerable versions = 1.8.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8154723f093b Credits Rafie Muhammad Patchstack Required...

WordPress Scrollsequence Plugin < 1.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Scrollsequence Type Plugin Vulnerable versions 1.4.0 Fixed in 1.4.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID eb5132424b2d Credits Rafie Muhammad Patchstack Required...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 15 security fixes: 1423304 Medium CVE-2023-2459: Inappropriate implementation in Prompts. Reported by Rong Jian of VRI on 2023-03-10 1419732 Medium CVE-2023-2460: Insufficient validation of untrusted input in Extensions. Reported by Martin Bajanik,...

Stable Channel Update for Desktop

The Stable channel has been updated to 90.0.4430.212 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by...

FreeBSD : chromium -- multiple vulnerabilities (d153c4d2-50f8-11eb-8046-3065ec8fd3ec)

Chrome Releases reports : This release includes 16 security fixes, including : - 1148749 High CVE-2021-21106: Use after free in autofill. Reported by Weipeng Jiang @Krace from Codesafe Team of Legendsec at Qi'anxin Group on 2020-11-13 - 1153595 High CVE-2021-21107: Use after free in drag and drop...

Stable Channel Update for Desktop

The stable channel has been updated to 84.0.4147.125 for Windows, Mac, and Linux, which will roll out over the coming days/weeks. A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The...

FreeBSD : chromium -- multiple vulnerabilities (c039a761-2c29-11e6-8912-3065ec8fd3ec)

Google Chrome Releases reports : 15 security fixes in this release, including : - 601073 High CVE-2016-1696: Cross-origin bypass in Extension bindings. Credit to anonymous. - 613266 High CVE-2016-1697: Cross-origin bypass in Blink. Credit to Mariusz Mlynski. - 603725 Medium CVE-2016-1698:...

Stable Channel Update

The Google Chrome team is pleased to announce the arrival of Chrome 13.0.782.107 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Spanning 5200+ revisions, Chrome 13 contains some exciting new features like Instant Pages prerendering technology. To find out about other new feature...