907252 matches found
DLA-3398-1 curl - security update
Bulletin has no description...
ALSA-2023:1895 Important: java-11-openjdk security update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...
ALSA-2023:1673 Important: httpd:2.4 security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...
CVE-2023-28842 moby/moby's dockerd daemon encrypted overlay network with a single endpoint is unauthenticated
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...
GHSA-5X5Q-8CGM-2HJQ Karate has vulnerable dependency on json-smart package (CVE-2023-1370)
Summary The CVE How to fix it Very simple, just upgrade json-path package to 2.8.0 from 2.7.0 inside karate-core pom.xml ;...
GHSA-M8CG-XC2P-R3FC rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
Impact It was found that rootless runc makes /sys/fs/cgroup writable in following conditons: 1. when runc is executed inside the user namespace, and the config.json does not specify the cgroup namespace to be unshared e.g.., docker|podman|nerdctl run --cgroupns=host, with Rootless...
RLSA-2023:1405 Important: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: X.400 address type confusion in X.509 GeneralName CVE-2023-0286 openssl: timing attack in RSA...
DLA-3369-1 runc - security update
Bulletin has no description...
PYSEC-2023-50
Streamlit, software for turning data scripts into web applications, had a cross-site scripting XSS vulnerability in versions 0.63.0 through 0.80.0. Users of hosted Streamlit apps were vulnerable to a reflected XSS vulnerability. An attacker could craft a malicious URL with Javascript payloads to ...
GO-2023-1621 Incorrect calculation on P256 curves in crypto/internal/nistec
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...
RLSA-2023:1140 Moderate: curl security update
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fixes: curl: HTTP multi-header compression denial of service CVE-2023-23916 For more details about the security issues, including...
GHSA-59FQ-727J-HM3F keycloak-connect contains Open redirect vulnerability in the Node.js adapter
There is an Open Redirect vulnerability in the Node.js adapter when forwarding requests to Keycloak using checkSSO with query param prompt=none...
CVE-2023-27320
Sudo before 1.9.13p2 has a double free in the per-command chroot feature...
ALSA-2023:0946 Moderate: openssl security and bug fix update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: read buffer overflow in X.509 certificate verification CVE-2022-4203 openssl: timing attack in RS...
CVE-2023-0044
If the Quarkus Form Authentication session cookie Path attribute is set to / then a cross-site attack may be initiated which might lead to the Information Disclosure. This attack can be prevented with the Quarkus CSRF Prevention feature...
GHSA-R6CH-MQF9-QC9W Regular Expression Denial of Service in Headers
Impact The Headers.set and Headers.append methods are vulnerable to Regular Expression Denial of Service ReDoS attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the headerValueNormalize utility function...
CVE-2023-22578
Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections...
GHSA-2QXP-XMX6-CQ4F Cross-Site Request Forgery (CSRF) in wallabag/wallabag
Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.5.4...
GHSA-33M6-Q9V5-62R7 go.uuid has Predictable UUID Identifiers
CVE Description for go.uuid A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker. Updat...
RUSTSEC-2023-0006 X.400 address type confusion in X.509 `GeneralName`
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...
CVE-2023-25136
OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One...
GHSA-3GV2-29QC-V67M Symfony vulnerable to Session Fixation of CSRF tokens
Description ----------- When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performin...
GHSA-4X65-4FJX-R7M6 Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin
Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file...
RLSA-2023:0328 Moderate: go-toolset and golang security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputi...
GHSA-P84V-45XJ-WWQJ ReDoS based DoS vulnerability in Action Dispatch
There is a possible regular expression based DoS vulnerability in Action Dispatch. This vulnerability has been assigned the CVE identifier CVE-2023-22792. Versions Affected: = 3.0.0 Not affected: 3.0.0 Fixed Versions: 5.2.8.15 Rails LTS, 6.1.7.1, 7.0.4.1 Impact Specially crafted cookies, in...
GHSA-5PM2-9MR2-3FRQ Component takeover in Oracle Data Provider for .NET
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful...
RLSA-2023:0099 Moderate: virt:rhel and virt-devel:rhel security and bug fix update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...
DSA-5315-1 libxstream-java - security update
Bulletin has no description...
GHSA-8GCG-VWMW-RXJ4 Flarum notifications can leak restricted content
Using the notifications feature, one can read restricted/private content and bypass access checks that would be in place for such content. The notification-sending component does not check that the subject of the notification can be seen by the receiver, and proceeds to send notifications through...
ASB-A-242703780
In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-1097
NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...
CVE-2022-23531 Arbitrary file write when scanning a specially-crafted local PyPI package
GuardDog is a CLI tool to identify malicious PyPI packages. Versions prior to 0.1.5 are vulnerable to Relative Path Traversal when scanning a specially-crafted local PyPI package. Running GuardDog against a specially-crafted package can allow an attacker to write an arbitrary file on the machine...
GHSA-7GPW-FRPH-FWRG TYPO3-EXT-SA-2022-018: Multiple vulnerabilities in extension "Master-Quiz" (fp_masterquiz)
An issue was discovered in the fpmasterquiz aka Master-Quiz extension before 2.2.1, and 3.x before 3.5.1, for TYPO3. An attacker can continue the quiz of a different user. In doing so, the attacker can view that user's answers and modify those answers...
CVE-2022-45685
A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service DoS via crafted JSON data...
CVE-2022-23478 Out of Bound Write in xrdp
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contain a Out of Bound Write in xrdpmmtransprocessdrdynvcchannelopen function. There are no known workarounds for this issue. Users are advised to upgrade...
DLA-3227-1 ruby-rails-html-sanitizer - security update
Bulletin has no description...
CVE-2022-35256
The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling...
DLA-3206-1 heimdal - security update
Bulletin has no description...
DLA-3187-1 dropbear - security update
Bulletin has no description...
DLA-3183-1 webkit2gtk - security update
Bulletin has no description...
ALSA-2022:7444 Moderate: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 Race condition in VTRESIZEX ioctl when vcconsi.d is...
GO-2022-1095 Unsanitized NUL in environment variables on Windows in syscall and os/exec
Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavi...
ALSA-2022:7288 Important: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full strength general purpose cryptography library. Security Fixes: OpenSSL: X.509 Email Address Buffer Overflow CVE-2022-3602 OpenSSL: X.509 Email Address Variable Length...
CVE-2022-41974
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege...
DLA-3160-1 tomcat9 - security update
Bulletin has no description...
RLSA-2022:7108 Moderate: sqlite security update
SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...
ALSA-2022:7134 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: a use-after-free in clsroute filter implementation may lead to privilege escalation CVE-2022-2588 kernel: information leak in...
DLA-3157-1 bluez - security update
Bulletin has no description...
CVE-2022-3598
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b...
CVE-2022-40084
OpenCRX before v5.2.2 was discovered to be vulnerable to password enumeration due to the difference in error messages received during a password reset which could enable an attacker to determine if a username, email or ID is valid...