Fedora 44 : python-uv-build / rust-astral-tokio-tar / uv (2026-7aacc8ea7d)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-7aacc8ea7d advisory. Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA- xx64-wwv2-hcqq and GHSA-...

Fedora 42 : python-uv-build / rust-astral-tokio-tar / uv (2026-8d8aee6aaf)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-8d8aee6aaf advisory. Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA- xx64-wwv2-hcqq and GHSA-...

CVE-2024-25108

Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This...

Design/Logic Flaw

Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This...

CVE-2024-25108 Insufficient authorization allowing elevated access to resources in pixelfed

Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This...

CVE-2024-25108 Insufficient authorization allowing elevated access to resources in pixelfed

Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This...

Pixelfed Security Vulnerability

Pixelfed is a free and ethical photo sharing platform from the individual developers of Pixelfed. A security vulnerability exists in Pixelfed versions v0.10.4 through 0.11.11, which stems from an incorrect and insufficient authorization check for processing requests, which could allow an attacker...

SUSE CVE-2016-10516

Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...