SUSE SLES12 Security Update : gstreamer-plugins-bad (SUSE-SU-2021:1873-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2021:1873-1 advisory. - A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cau...
Reflected cross-site scripting issue in Datasette
Impact The ?trace=1 debugging feature in Datasette does not correctly escape generated HTML, resulting in a reflected cross-site scripting vulnerability. This vulnerability is particularly relevant if your Datasette installation includes authenticated features using plugins such as...
SUSE-SU-2021:1875-1 Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2021-3185: Fixed buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking (bsc#1181255)...
SUSE-SU-2021:1873-1 Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2021-3185: Fixed buffer overflow in gst_h264_slice_parse_dec_ref_pic_marking (bsc#1181255)...
@backstage/plugin-catalog (>=0.0.0-nightly-202011242419 <=0.2.9), @backstage/plugin-techdocs (>=0.0.0-nightly-2021242250 <=0.7.0) +2 more potentially affected by CVE-2021-32660 via @backstage/techdocs-common (>=0.0.0-nightly-20220923026 <=0.5.1)
@backstage/techdocs-common NPM version =0.0.0-nightly-20220923026, =0.0.0-nightly-202011242419, =0.0.0-nightly-2021242250, =0.0.0-nightly-2021112332, =0.0.0-nightly-2022122206, =0.8.16 Source cves: CVE-2021-32660 Source advisory: OSV:GHSA-PWHF-39XG-4RXW...
@backstage/plugin-api-docs (>=0.1.1 <=0.1.1-alpha.26), @backstage/plugin-catalog (>=0.0.0-nightly-2020972106 <=0.2.9) +20 more potentially affected by CVE-2021-32661 via @backstage/plugin-techdocs (>=0.0.0-nightly-20220708025041 <=0.5.8)
@backstage/plugin-techdocs NPM version =0.0.0-nightly-20220708025041, =0.1.1, =0.0.0-nightly-2020972106, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.1.1-alpha.19, =0.0.0-nightly-20220504024625, =0.1.2, =0.1.3 - @roadiehq/backstage-plugin-buildkite =0.1.0 and more Source cve...
@backstage/plugin-catalog (>=0.0.0-nightly-202011242419 <=0.2.9), @backstage/plugin-techdocs (>=0.0.0-nightly-2021242250 <=0.7.0) +2 more potentially affected by CVE-2021-32662 via @backstage/techdocs-common (>=0.0.0-nightly-20220923026 <=0.5.1)
@backstage/techdocs-common NPM version =0.0.0-nightly-20220923026, =0.0.0-nightly-202011242419, =0.0.0-nightly-2021242250, =0.0.0-nightly-2021112332, =0.0.0-nightly-2022122206, =0.8.16 Source cves: CVE-2021-32662 Source advisory: OSV:GHSA-PGF8-28GG-VPR6...
openSUSE Security Update : gstreamer / gstreamer-plugins-bad / gstreamer-plugins-base / etc (openSUSE-2021-822)
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues: gstreamer was updated to version 1.16.3 (bsc#1181255): - delay creation of threadpools - bin: Fix deep-element-removed log message - buffer: fix meta...
SUSE SLED15 / SLES15 Security Update : gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly (SUSE-SU-2021:1819-1)
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues: gstreamer was updated to version 1.16.3 (bsc#1181255): - delay creation of threadpools - bin: Fix deep-element-removed log message - buffer: fix meta...
openSUSE: Security Advisory for gstreamer, (openSUSE-SU-2021:0822-1)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2021:1819-1 Security update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues: gstreamer was updated to version 1.16.3 (bsc#1181255): - delay creation of threadpools - bin: Fix deep-element-removed log message - buffer: fix meta...
Security update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly (important)
openSUSE Security Update: Security update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly Announcement ID: openSUSE-SU-2021:0822-1 Rating: important References: 1181255 SLE-13843 Cross-References: CVE-2021-3185 CVSS scores: CVE-2021-318...
olcne security update
coredns 1.7.0-1 - Added Oracle specific build files cri-o 1.18.4-2 - Fix for CVE-2021-27918 1.18.4-1 - Added Oracle Specifile Files for cri-o cri-tools 1.18.0-2 - Address CVE-2021-27918 etcd 3.4.3-1.0.5 - Address CVE-2021-27918 flannel 0.12.0-2 - Address CVE-2021-27918 yq 3.4.0-2 - Address...
[SECURITY] Fedora 34 Update: slapi-nis-0.56.7-1.fc34
This package provides two plugins for Red Hat and 389 Directory Server. The NIS Server plugin allows the directory server to act as a NIS server for clients, dynamically generating and updating NIS maps according to its configuration and the contents of the DIT, and serving the results to clients...
CVE-2021-3486
GLPi 9.5.4 does not sanitize the metadata. This way it's possible to insert XSS into plugins to execute JavaScript code...
Code injection
GLPi 9.5.4 does not sanitize the metadata. This way it's possible to insert XSS into plugins to execute JavaScript code...
UBUNTU-CVE-2021-3486
GLPi 9.5.4 does not sanitize the metadata. This way it's possible to insert XSS into plugins to execute JavaScript code...
CVE-2021-3486
CVE-2021-3486 relates to GLPI 9.5.4 where metadata is not sanitized, enabling stored XSS in plugins and execution of JavaScript in the user’s browser. The root cause is lack of proper sanitization in the metadata handling. The description provides the affected software (GLPI 9.5.4) and the impact (...
CVE-2021-20486
IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668...
Information disclosure
IBM Cloud Pak for Data 3.0 could allow an authenticated user to obtain sensitive information when installed with additional plugins. IBM X-Force ID: 197668...