3 matches found
EUVD-2023-36563
Malicious code in bioql PyPI...
Insertion of Sensitive Information Into Sent Data
Overview std/net/http is a Go standard library package std/net/http Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data. Go Vulnerability Report: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially...
[SECURITY] [DSA-059-1] man-db symlink attack
Package : man-db Problem type : symlink attack Debian-specific: no Luki R. reported a bug in man-db: it did handle nested calls of dropeffectiveprivs and regaineffectiveprivs correctly which would cause it to regain privileges to early. This could be abused to make man create files as user man...