Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

Important: Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release

The 1.3.3 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

Important: Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release

The 1.3.3 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

Important: Red Hat Security Advisory: gimp:2.8 security update

An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

Important: Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release

The 1.3.3 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

Important: Red Hat Security Advisory: gimp:2.8 security update

An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

Important: Red Hat Security Advisory: gimp:2.8 security update

An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

Important: Red Hat Security Advisory: gimp:2.8 security update

An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

cpython: POP3 command injection in user-controlled commands

A flaw was found in the poplib module in the Python standard library. The poplib module does not reject control characters, such as newlines, in user-controlled input passed to POP3 commands. This issue allows an attacker to inject additional commands to be executed in the POP3 server...

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

Moderate: Red Hat Security Advisory: python security update

An update for python is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPM Release

Red Hat Hardened Images RPM Release Red Hat Hardened Images RPM Release...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 director Operator container images

Updated container images are now available for director Operator for Red Hat OpenStack Platform 17.1 Wallaby for RHEL 9.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing

A flaw was found in GIMP. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the conte...

gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing

A flaw was found in GIMP. This uninitialized memory vulnerability allows a remote attacker to execute arbitrary code on affected installations. Successful exploitation requires user interaction, where the target must open a specially crafted PGM Portable Graymap image file. This can lead to...

gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability

A flaw was found in GIMP. A remote attacker can exploit this out-of-bounds write vulnerability by tricking a user into opening a specially crafted XWD X Window Dump file. This issue occurs due to improper validation of user-supplied data during XWD file parsing, leading to a write past the end of...

Important: Red Hat Security Advisory: gimp security update

An update for gimp is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...