Month: September 2023

FEDORA-2023-52aa3d1a4f Packages in this update: libppd-2.0~rc2-4.fc39 Update description: CVE-2023-4504 libppd: Postscript Parsing Heap Overflow Read More

A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared),...

It was discovered that libppd incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a...

It was discovered that CUPS incorrectly parsed certain Postscript objects. If a user or automated system were tricked into printing a specially crafted document, a...

A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability. Read...

paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML...

It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue...

FEDORA-FLATPAK-2023-ee7c6eb99f Packages in this update: thunderbird-stable-3820230920095641.1 Update description: Update to 102.15.1 ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-28/ ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-32/ ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-37/ ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/ ; https://www.thunderbird.net/en-US/thunderbird/102.15.0/releasenotes/ Read More