Ubuntu: Security Advisory (USN-7643-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-M435-9V6R-V5F6 MobSF vulnerability allows SSRF due to the allow_redirects=True parameter

Summary The fix for the "SSRF Vulnerability on assetlinkscheckactname, wellknowns" vulnerability could potentially be bypassed. Details Since the requests.get request in the checkurl method is specified as allowredirects=True, if "https://mydomain.com/.well-known/assetlinks.json" returns a 302...

Alibaba Cloud Linux 3 : 0124: squid:4 (ALINUX3-SA-2022:0124)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0124 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-12519: An issue was discovered in...

ALSA-2024:11238 Moderate: python3.11-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 For more details about the security issues, including the...

Xavi X7028r DSL Router - UPNP Long Request Denial of Service

Xavi X7028r DSL Router - UPNP Long Request Denial of Service source: https://www.securityfocus.com/bid/8252/info A problem has been reported in the handling of requests of excessive length placed to the service on port 280 by the Xavi X7028r DSL router. This may allow an attacker to crash a...