FEDORA-2022-83405f9d5b
Packages in this update:
grafana-7.5.15-1.fc34
Update description:
update to 7.5.15 tagged upstream community sources, see CHANGELOG
resolve CVE-2022-21673 grafana: Forward OAuth Identity Token can allow users to access some data sources
resolve CVE-2022-21702 grafana: XSS vulnerability in data source handling
resolve CVE-2022-21703 grafana: CSRF vulnerability can lead to privilege escalation
resolve CVE-2022-21713 grafana: IDOR vulnerability can lead to information disclosure
resolve CVE-2021-23648 sanitize-url: XSS
resolve CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter
declare Node.js dependencies of subpackages
make vendor and webpack tarballs reproducible
More Stories
libxml2-2.12.9-1.fc40
FEDORA-2024-9f3765a04b Packages in this update: libxml2-2.12.9-1.fc40 Update description: Update to 2.12.9 Fixes CVE-2024-40896 Read More
libxml2-2.12.9-1.fc41
FEDORA-2024-867a14de12 Packages in this update: libxml2-2.12.9-1.fc41 Update description: Update to 2.12.9 Fixes CVE-2024-40896. Read More
iwd-3.3-1.fc40 libell-0.71-1.fc40
FEDORA-2024-0fa283c43a Packages in this update: iwd-3.3-1.fc40 libell-0.71-1.fc40 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
iwd-3.3-1.fc41 libell-0.71-1.fc41
FEDORA-2024-256818da09 Packages in this update: iwd-3.3-1.fc41 libell-0.71-1.fc41 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source...
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ------------------------------------------------------------------------------- title| Authenticated Remote Code...