Moderate: Red Hat Security Advisory: mysql:8.0 security update

An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

EulerOS Virtualization 2.11.0 : zstd (EulerOS-SA-2023-3388)

According to the versions of the zstd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to caus...

EulerOS 2.0 SP11 : zstd (EulerOS-SA-2023-3046)

According to the versions of the zstd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overru...

EulerOS 2.0 SP11 : zstd (EulerOS-SA-2023-3023)

According to the versions of the zstd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overru...

EulerOS Virtualization 2.11.1 : zstd (EulerOS-SA-2023-3370)

According to the versions of the zstd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to caus...

Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2023-3370)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2023-3388)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: python-urllib3-1.26.18-1.fc39

urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: =EF=BF=BD=EF=BF=BD=EF=BF=BD Thread safety. =EF=BF=BD=EF=BF=BD=EF=BF=BD Connection pooling. =EF=BF=BD=EF=BF=BD=EF=BF=BD Client-side SSL/TLS...

Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2023-3046)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for zstd (EulerOS-SA-2023-3023)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-46228

zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c...

CVE-2023-25586

A flaw was found in Binutils. A logic fail in the bfdinitsectiondecompressstatus function may lead to the use of an uninitialized variable that can cause a crash and local denial of service...

Amazon Linux 2 : zstd (ALAS-2023-2140)

The version of zstd installed on the remote host is prior to 1.5.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2140 advisory. In zstd, supplying an empty string as an argument to either --output-dir-flat or --output-dir-mirror may cause a buffer overrun...

Amazon Linux 2023 : libzstd, libzstd-devel, libzstd-static (ALAS2023-2023-244)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-244 advisory. In zstd, supplying an empty string as an argument to either --output-dir-flat or --output-dir-mirror may cause a buffer overrun. CVE-2022-4899 Tenable has extracted the preceding description block...

Medium: zstd

Issue Overview: In zstd, supplying an empty string as an argument to either --output-dir-flat or --output-dir-mirror may cause a buffer overrun. CVE-2022-4899 Affected Packages: zstd Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

Medium: zstd

Issue Overview: In zstd, supplying an empty string as an argument to either --output-dir-flat or --output-dir-mirror may cause a buffer overrun. CVE-2022-4899 Affected Packages: zstd Issue Correction: Run dnf update zstd --releasever 2023.1.20230719 or dnf update --advisory ALAS2023-2023-244...

SUSE-SU-2023:2074-1 Security update for zstd

This update for zstd fixes the following issues: - CVE-2022-4899: Fixed buffer overrun in util.c bsc1209533...

PT-2023-35779 · Zstd · Zstd

Name of the Vulnerable Software and Affected Versions: ZSTD affected versions not specified Description: The issue is related to a heap-buffer-overflow read, which occurs in the ZSTD decompressSequencesLong bmi2 function, specifically when calling ZSTD decompressSequencesLong and ZSTD...

OESA-2023-1214 zstd security update

Zstd is a fast lossless compression algorithm. It's backed by a very fast entropy stage,provided by Huff0 and FSE library. It's a real-time compression scenario for zlib levels and has a better compression ratio. Security Fixes: A vulnerability was found in zstd v1.4.10, where an attacker can...

Mageia: Security Advisory (MGASA-2023-0128)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...