CVE-2021-46898
views/switch.py in django-grappelli (aka Django Grappelli) before 2.15.2 attempts to prevent external redirection with startswith("/") but this does not consider a protocol-relative URL (e.g., //example.com)...
CVE-2021-46897
views.py in Wagtail CRX CodeRed Extensions (formerly CodeRed CMS or coderedcms) before 0.22.3 allows upward protected/..%2f..%2f path traversal when serving protected media.
rt-5.0.5-2.fc39
FEDORA-2023-699bd1497e Packages in this update: rt-5.0.5-2.fc39 Update description: Upstream security and bugfix update.
rt-5.0.5-1.fc38
FEDORA-2023-64fe19f832 Packages in this update: rt-5.0.5-1.fc38 Update description: Upstream security and bugfix update.
rt-5.0.5-1.fc39
FEDORA-2023-dda28e9e7c Packages in this update: rt-5.0.5-1.fc39 Update description: Upstream security and bugfix update.
DSA-5530-1 ruby-rack – security update
Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injection. https://security-tracker.debian.org/tracker/DSA-5530-1
DSA-5530 ruby-rack – security update
Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injection.