Category Archives: Advisories

js-jquery-ui-1.13.2-1.el7

FEDORA-EPEL-2022-a06d5c7af1

Packages in this update:

js-jquery-ui-1.13.2-1.el7

Update description:

A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to a cross-site scripting (XSS) attack via the initialization of a check-box-radio widget on an input tag enclosed within a label, which leads to the parent label contents being treated as the input label.

js-jquery-ui-1.13.2-1.fc36

FEDORA-2022-1a01ed37e2

Packages in this update:

js-jquery-ui-1.13.2-1.fc36

Update description:

A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to a cross-site scripting (XSS) attack via the initialization of a check-box-radio widget on an input tag enclosed within a label, which leads to the parent label contents being treated as the input label.

js-jquery-ui-1.13.2-1.fc37

FEDORA-2022-7291b78111

Packages in this update:

js-jquery-ui-1.13.2-1.fc37

Update description:

A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to a cross-site scripting (XSS) attack via the initialization of a check-box-radio widget on an input tag enclosed within a label, which leads to the parent label contents being treated as the input label.

js-jquery-ui-1.13.2-1.fc35

FEDORA-2022-22d8ba36d0

Packages in this update:

js-jquery-ui-1.13.2-1.fc35

Update description:

A flaw was found in the jquery-UI package. Affected versions of this package are vulnerable to a cross-site scripting (XSS) attack via the initialization of a check-box-radio widget on an input tag enclosed within a label, which leads to the parent label contents being treated as the input label.

USN-5724-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
bypass Content Security Policy (CSP) or other security restrictions, or
execute arbitrary code. These issues only affect Ubuntu 18.04 LTS, Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-3266, CVE-2022-40956,
CVE-2022-40957, CVE-2022-40958, CVE-2022-40959, CVE-2022-40960,
CVE-2022-40962)

Multiple security issues were discovered in the Matrix SDK bundled with
Thunderbird. An attacker could potentially exploit these in order to
impersonate another user. These issues only affect Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39236, CVE-2022-39249,
CVE-2022-39250, CVE-2022-39251)

Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, or execute arbitrary code. (CVE-2022-42927,
CVE-2022-42928, CVE-2022-42929, CVE-2022-42932)
