DSA-5522-3 tomcat9 – regression update
A regression was discovered in the Http2UpgradeHandler class of Tomcat 9 introduced by the patch to fix CVE-2023-44487 (Rapid Reset Attack). A wrong value for...
DSA-5528 node-babel7 – security update
William Khem-Marquez discovered that using malicious plugins for the the Babel JavaScript compiler could result in arbitrary code execution during compilation Read More
CVE-2018-25091
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme)....
matrix-synapse-1.80.0-7.fc37
FEDORA-2023-954c2ec5bd Packages in this update: matrix-synapse-1.80.0-7.fc37 Update description: Backport fix for CVE-2023-45129 Read More
CVE-2022-43868
IBM Security Verify Access OIDC Provider could disclose directory information that could aid attackers in further attacks against the system. IBM X-Force ID: 239445. Read...
CVE-2022-43740
IBM Security Verify Access OIDC Provider could allow a remote user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID:...
CVE-2022-33165
IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing...
CVE-2022-33161
IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security....
CVE-2022-32755
IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this...
gdb-13.2-10.fc39
FEDORA-2023-89ade611ee Packages in this update: gdb-13.2-10.fc39 Update description: Backport upstream commit d28fbc7197b which fixes RHBZ 2233965, Security fix for CVE-2022-48065 Read More