USN-6735-1: Node.js vulnerabilities

Read Time:44 Second

It was discovered that Node.js incorrectly handled the use of invalid public
keys while creating an x509 certificate. If a user or an automated system were
tricked into opening a specially crafted input file, a remote attacker could
possibly use this issue to cause a denial of service. This issue only affected
Ubuntu 23.10. (CVE-2023-30588)

It was discovered that Node.js incorrectly handled the use of CRLF sequences to
delimit HTTP requests. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to obtain unauthorised access. This issue only affected
Ubuntu 23.10. (CVE-2023-30589)

It was discovered that Node.js incorrectly described the generateKeys()
function in the documentation. This inconsistency could possibly lead to
security issues in applications that use these APIs.
(CVE-2023-30590)

Microsoft Promises to Keep European Cloud Data in Europe

Brits Lose £106m to Romance Fraud in a Year

What Is Cyber Risk

Threat Actors Target Victims with HijackLoader and DeerStealer

Archetyp Market Shut Down in Europe-wide Law Enforcement Operation

Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus

Anubis Ransomware Adds File-Wiping Capability

Over a Third of Grafana Instances Exposed to XSS Flaw

WestJet Investigates Cyber-Attack Impacting Customers

USN-6735-1: Node.js vulnerabilities

USN-7555-3: Django vulnerability

spdlog-1.14.1-4.fc41

dotnet8.0-8.0.117-1.fc41

dotnet8.0-8.0.117-1.fc42

USN-7571-1: c3p0 vulnerability

python-setuptools-69.2.0-10.fc41