Fedora 41 : clamav (2024-0d7eb64d90)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-0d7eb64d90 advisory. Update to 1.0.7 CVE-2024-20506: Changed the logging module to disable following symlinks on Linux and Unix systems so as to prevent an attacker with...

PT-2024-13258 · Google · Chromium

Name of the Vulnerable Software and Affected Versions: AiLux imx6 bundle versions prior to imx6 1.0.7-2 Description: A CWE-552 vulnerability in the embedded Chromium browser allows a physical attacker to arbitrarily download or upload files to or from the file system. This issue has unspecified...

PT-2024-13260 · Unknown · Ailux Imx6 Bundle

Name of the Vulnerable Software and Affected Versions: AiLux imx6 bundle versions prior to imx6 1.0.7-2 Description: A vulnerability in the file configuration functionality of the web application allows a remote unauthenticated attacker to access confidential configuration files. The issue is...

PT-2023-31065 · Unknown · Domsanitizer

Name of the Vulnerable Software and Affected Versions: DOMSanitizer versions prior to 1.0.7 Description: The issue arises from the mishandling of comments and the use of greedy regular expressions in SVG documents, leading to a potential XSS attack. Recommendations: For versions prior to 1.0.7,...