Category Archives: Advisories

python-engineio-4.3.4-2.fc38

Read Time:22 Second

FEDORA-2022-8ca9330e57

Packages in this update:

python-engineio-4.3.4-2.fc38

Update description:

Automatic update for python-engineio-4.3.4-2.fc38.

Changelog

* Thu Sep 15 2022 Benjamin A. Beasley <code@musicinmybrain.net> 4.3.4-2
– Don’t ship package-lock.json files with the examples
– This keeps from having automated bugs filed for irrelevant CVE’s in NPM
packages that are mentioned there. See RHBZ#2127005.

Read More

CVE-2018-25047

Read Time:15 Second

In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user.

Read More