Post Content
Category Archives: Advisories
GLSA 202209-01: GNU Gzip, XZ Utils: Arbitrary file write
DSA-5227 libgoogle-gson-java – security update
It was discovered that Gson, a Java library that can be used to convert Java
Objects into their JSON representations and vice versa, was vulnerable to a deserialization flaw. An application would de-serialize untrusted data without
sufficiently verifying that the resulting data will be valid, letting the
attacker to control the state or the flow of the execution. This can lead to a
denial of service or even the execution of arbitrary code.
firejail-0.9.70-1.fc36
FEDORA-2022-e8e9b50a33
Packages in this update:
firejail-0.9.70-1.fc36
Update description:
Update to 0.9.70 (rhbz#2042724).
Mitigates CVE-2022-31214 (rhbz#2095070).
firejail-0.9.70-1.fc35
FEDORA-2022-827d9ce8ac
Packages in this update:
firejail-0.9.70-1.fc35
Update description:
Update to 0.9.70 (rhbz#2042724).
Mitigates CVE-2022-31214 (rhbz#2095070).
firejail-0.9.70-1.fc37
FEDORA-2022-7ecd36b131
Packages in this update:
firejail-0.9.70-1.fc37
Update description:
Update to 0.9.70 (rhbz#2042724).
Mitigates CVE-2022-31214 (rhbz#2095070).
firejail-0.9.70-1.fc38
FEDORA-2022-674e299893
Packages in this update:
firejail-0.9.70-1.fc38
Update description:
Automatic update for firejail-0.9.70-1.fc38.
Changelog
* Tue Sep 6 2022 Maxwell G <gotmax@e.email> – 0.9.70-1
– Update to 0.9.70 (rhbz#2042724).
– Mitigates CVE-2022-31214 (rhbz#2095070).
CVE-2020-21516
There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that allows attackers to execute relevant PHP code.
CVE-2020-8586
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2021-36829
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 at WordPress.