** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA.

Read More

[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.20.0 to 5.21.0: Patch 202206.1
Arnie Cabral
Thu, 06/30/2022 – 11:05

Read More

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possible execute arbitrary code.

Read More

FEDORA-2022-970b0fe929

Packages in this update:

osbuild-composer-56-1.fc36

Update description:

Update to osbuild-composer 56

Read More

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3414. Reason: This candidate is a duplicate of CVE-2012-3414. Notes: All CVE users should reference CVE-2012-3414 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Read More

In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, the `tagName` property of an `Ember.View` was inserted into such a string without being sanitized. This means that if an application assigns a view’s `tagName` to user-supplied data, a specially-crafted payload could execute arbitrary JavaScript in the context of the current domain (“XSS”). This vulnerability only affects applications that assign or bind user-provided content to `tagName`.

Read More

It was discovered that Libjpeg6b was not properly performing bounds
checks when compressing PPM and Targa image files. An attacker could
possibly use this issue to cause a denial of service.
(CVE-2018-11212)

Chijin Zhou discovered that Libjpeg6b was incorrectly handling the
EOF character in input data when generating JPEG files. An attacker
could possibly use this issue to force the execution of a large loop,
force excessive memory consumption, and cause a denial of service.
(CVE-2018-11813)

Sheng Shu and Dongdong She discovered that Libjpeg6b was not properly
limiting the amount of memory being used when it was performing
decompression or multi-pass compression operations. An attacker could
possibly use this issue to force excessive memory consumption and
cause a denial of service. (CVE-2020-14152)

Read More

FEDORA-2022-6628e8d771

Packages in this update:

php-laminas-diactoros2-2.11.2-1.fc36

Update description:

Version 2.11.2

Bug

95: Resolve Host header and X-Forwarded-Proto regressions thanks to @weierophinney

Release Notes for 2.11.1

This is a SECURITY release. All users are encouraged to upgrade immediately.

Added

This release adds features to allow filtering a ServerRequest as generated by LaminasDiactorosServerRequestFactory::fromGlobals() for the purposes of initialization. Examples include:

Adding a request identifier.
Using X-Forwarded-* headers to modify the URL to represent the original client request.

The features are based on a new interface, LaminasDiactororsServerRequestFilterFilterServerRequestInterface, which defines a single method:

public function __invoke(
PsrHttpMessageServerRequestInterface $request
): PsrHttpMessageServerRequestInterface

We provide two implementations, as follows:

LaminasDiactorosServerRequestFilterDoNotFilter will return the provided request verbatim.
LaminasDiactorosServerRequestFilterFilterUsingXForwardedHeaders has named constructors that allow you to define how and when X-Forwarded- headers are used to modify the URI instance associated with the request. These methods are:
* trustAny(): this method generates a filter instance that will trust all X-Forwarded- headers from any source.
* trustReservedSubnets(array $trustedHeaders = ?): this method generates a filter instance that only modifies the URL if the IP address of the requesting server is from a reserved, private subnet (localhost; classes A, B, and C subnets; and IPv6 private and local-link subnets). By default, it will trust all X-Forwarded- headers from these sources, but you may specify a list to allow via the $trustedHeaders argument.
* trustProxies(array $proxyCIDRList, array $trustedHeaders = ?): this method will generate a filter instance that only modifies the URL if the requesting server matches an entry in the $proxyCIDRList. These entries may be IP addresses, or any IPv4 or IPv6 CIDR subnets. By default, it will trust all X-Forwarded- headers from these sources, but you may specify a list to allow via the $trustedHeaders argument.

ServerRequestFactory::fromGlobals() now accepts a FilterServerRequestInterface instance as the optional argument $requestFilter. If none is provided, it uses one as produced by FilterUsingXForwardedHeaders::trustReservedSubnets().

Deprecated

The function LaminasDiactorosmarshalUriFromSapi() is deprecated, and no longer used internally.

Changed

LaminasDiactorosServerRequestFactory::fromGlobals() no longer consumes marshalUriFromSapi(), and instead inlines an alternate implementation. The new implementation does not consider X-Forwarded- headers by default when generating the associated URI instance. Internally, if no FilterServerRequestInterface implementation is provided, it defaults to using an instance returned by FilterUsingXForwardeHeaders::trustReservedSubnets(). If you previously relied on X-Forwarded- headers, you MAY need to update your code to use either the FilterUsingXForwardedHeaders::trustAny() or FilterUsingXForwardedHeaders::trustProxies() methods to generate a filter to use with ServerRequestFactory::fromGlobals().

Fixed

Fixes CVE-2022-31109

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Read More

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Read More