FEDORA-2022-e139408490
Packages in this update:
mod_auth_openidc-2.4.12.2-1.fc37
Update description:
CVE-2022-23527 mod_auth_openidc: Open Redirect in oidc_validate_redirect_url() using tab character
mod_auth_openidc-2.4.12.2-1.fc38
Automatic update for mod_auth_openidc-2.4.12.2-1.fc38.
* Fri Dec 16 2022 Tomas Halman <thalman@redhat.com> - 2.4.12.2-1
Rebase to 2.4.12.2 version
- Resolves: rhbz#2153658 - CVE-2022-23527 mod_auth_openidc: Open Redirect in oidc_validate_redirect_url() using tab character
fasterxml-oss-parent-49-2.fc38
jackson-annotations-2.14.1-3.fc38
jackson-bom-2.14.1-1.fc38
jackson-core-2.14.1-1.fc38
jackson-databind-2.14.1-1.fc38
jackson-jaxrs-providers-2.14.1-1.fc38
jackson-modules-base-2.14.1-1.fc38
jackson-parent-2.14-1.fc38
Rebase Jackson packages to the latest upstream version (2.14.1)
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Multiple security issues were discovered in Thunderbird, which could
result in the execution of arbitrary code or information disclosure.
Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
File upload vulnerability in function upload in action/Core.class.php in zhimengzhe iBarn 1.5 allows remote attackers to run arbitrary code via avatar upload to index.php.
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via the lang attribute of an HTML tag.
Cross Site Scripting (XSS) vulnerability in Netgate pfSense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to run arbitrary code via the RootFolder field to the acme_certificate_edit.php page of the ACME package.
Directory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via a crafted GET request.