FEDORA-2023-9f2c631f0d
Packages in this update:
matrix-synapse-1.93.0-2.fc39
Update description:
Update to v1.93.0 (CVE-2023-41335, CVE-2023-42453)
A vulnerability in Cisco IOS XE Software for Cisco Catalyst 3650 and Catalyst 3850 Series Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper resource management when processing traffic that is received on the management interface. An attacker could exploit this vulnerability by sending a high rate of traffic to the management interface. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
UK charities including Shelter, the RSPCA, the Dogs Trust, Battersea Dogs and Cats Home, and Friends of the Earth have warned their supporters that hackers have stolen their data following a breach at a supplier.
Patchstack uncovered an unauthenticated role privilege escalation flaw and an account takeover vulnerability.
According to Resecurity, Ransomed.vc is demanding a ransom of over $1m from NTT Docomo.
A flaw was found in Red Hat’s AMQ-Streams, which ships a version of the OkHttp component with an information disclosure flaw via an exception triggered by a header containing an illegal value. This issue could allow an authenticated attacker to access information outside of their regular permissions.
A flaw was found in APIcast: 3scale’s OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information.
Stability-related vulnerability in the binder background management and control module. Successful exploitation of this vulnerability may affect availability.