Moderate: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 8 : git-lfs (RHSA-2023:2866)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:2866 advisory. Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...
GHSA-JH85-WWV9-24HV Any file can be included with the pymdown-snippets extension
Summary: Arbitrary file read when using include file syntax. Details: By using the syntax --8<--"/etc/passwd" or --8<--"/proc/self/environ" the content of these files will be rendered in the generated documentation. Additionally, a path relative to a specified, allowed base path can also be used to...
CVE-2023-32309 Arbitrary file inclusion with the pymdown-snippets extension
PyMdown Extensions is a set of extensions for the Python-Markdown markdown project. In affected versions an arbitrary file read is possible when using include file syntax. By using the syntax --8<--"/etc/passwd" or --8<--"/proc/self/environ" the content of these files will be rendered in the...
RHEL 9 : Image Builder (RHSA-2023:2204)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2204 advisory. Image Builder is a service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood...
RHEL 9 : git-lfs (RHSA-2023:2357)
The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:2357 advisory. Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...
PT-2023-26177 · Xwiki · Xwiki
Name of the Vulnerable Software and Affected Versions: XWiki versions 14.6-rc-1 through 14.10.3; XWiki versions prior to 15.0 RC1. Description: The issue concerns the cleaning of attributes during XHTML rendering in XWiki, which allowed the injection of arbitrary HTML code and thus cross-site...
Moderate: Red Hat Security Advisory: golang-github-cpuguy83-md2man security, bug fix, and enhancement update
An update for golang-github-cpuguy83-md2man is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: git-lfs security and bug fix update
An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
[SECURITY] Fedora 38 Update: rust-git-delta-0.13.0-5.fc38
Syntax-highlighting pager for git...
[SECURITY] Fedora 36 Update: lilypond-doc-2.24.1-1.fc36
LilyPond is an automated music engraving system. It formats music beautifully and automatically, and has a friendly syntax for its input files. This package contains the HTML documentation for LilyPond...
[SECURITY] Fedora 36 Update: lilypond-2.24.1-1.fc36
LilyPond is an automated music engraving system. It formats music beautifully and automatically, and has a friendly syntax for its input files...
[SECURITY] Fedora 37 Update: lilypond-2.24.1-1.fc37
LilyPond is an automated music engraving system. It formats music beautifully and automatically, and has a friendly syntax for its input files...
GHSA-JGG7-W2RJ-58CJ XWiki Platform vulnerable to privilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration
Impact Steps to reproduce: Open...
CVE-2023-29525 Privilege escalation from view right on XWiki.Notifications.Code.LegacyNotificationAdministration in xwiki-platform
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Affected versions of xwiki are subject to code injection in the since parameter of the /xwiki/bin/view/XWiki/Notifications/Code/LegacyNotificationAdministration endpoint. This provides an XWik...
The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in errors during the processing of input data when performing syntactic analysis of code. This allows an attacker to execute arbitrary code.
The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in errors in the processing of input data during syntax analysis of code. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
Fedora: Security Advisory for python-markdown-it-py (FEDORA-2023-c3fb6d6b8d)
The remote host is missing an update for the...
[SECURITY] Fedora 37 Update: python-markdown-it-py-2.2.0-1.fc37
Markdown parser done right. Its features: Follows the CommonMark spec for baseline parsing. Has configurable syntax: you can add new rules and even replace existing ones. Pluggable: Adds syntax extensions to extend the parser. High speed & safe by default...
[SECURITY] Fedora 38 Update: python-markdown-it-py-2.2.0-1.fc38
Markdown parser done right. Its features: Follows the CommonMark spec for baseline parsing. Has configurable syntax: you can add new rules and even replace existing ones. Pluggable: Adds syntax extensions to extend the parser. High speed & safe by default...