firmitas-0.1.3-1.fc39
Cryptography v42 is the new thing.
Please follow the steps provided here https://github.com/fedora-infra/firmitas/blob/main/README.md for testing.
References
https://github.com/fedora-infra/firmitas/security/dependabot/1
https://github.com/fedora-infra/firmitas/security/dependabot/2
https://github.com/fedora-infra/firmitas/security/dependabot/3
firmitas-0.1.3-1.fc40
Cryptography v42 is the new thing.
Please follow the steps provided here https://github.com/fedora-infra/firmitas/blob/main/README.md for testing.
References
https://github.com/fedora-infra/firmitas/security/dependabot/1
https://github.com/fedora-infra/firmitas/security/dependabot/2
https://github.com/fedora-infra/firmitas/security/dependabot/3
firmitas-0.1.3-1.el9
Cryptography v42 is the new thing.
Please follow the steps provided here https://github.com/fedora-infra/firmitas/blob/main/README.md for testing.
References
https://github.com/fedora-infra/firmitas/security/dependabot/1
https://github.com/fedora-infra/firmitas/security/dependabot/2
https://github.com/fedora-infra/firmitas/security/dependabot/3
This vulnerability allows remote attackers to bypass authentication on affected installations of Parse Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-39309.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2024-5019.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2024-5018.
This vulnerability allows local attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. An attacker must first obtain the ability to execute low-privileged code on the target system or send an HTTP request from a local machine in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.4. The following CVEs are assigned: CVE-2024-5009.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-5014.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-5015.
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-5013.
