Multiple vulnerabilities were discovered in Node.js, which could result in
HTTP request smuggling, a bypass of certificate verification or prototype
pollution.
Category Archives: Advisories
mingw-wavpack-5.4.0-5.fc35
FEDORA-2022-cece705cbf
Packages in this update:
mingw-wavpack-5.4.0-5.fc35
Update description:
Security fix for CVE-2021-44269
mingw-wavpack-5.4.0-5.fc36
FEDORA-2022-8e94ec2244
Packages in this update:
mingw-wavpack-5.4.0-5.fc36
Update description:
Security fix for CVE-2021-44269
DSA-5169 openssl – security update
It was discovered that the c_rehash script included in OpenSSL did not
sanitise shell meta characters which could result in the execution of
arbitrary commands.
Multiple Vulnerabilities in WatchGuard Firebox and XTM appliances Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in WatchGuard Firebox and XTM appliances, the most severe of which could allow for Remote code execution. WatchGuard Firebox is a unified security platform that gives IT professionals the network visibility tools to ensure enterprise-grade security. Depending on the privileges associated with the applications, an attacker could view, change, or delete data.
golang-x-net-0-0.60.20200807gitab34263.el8 golang-x-text-0.3.7-1.el8
FEDORA-EPEL-2022-46b9d78e30
Packages in this update:
golang-x-net-0-0.60.20200807gitab34263.el8
golang-x-text-0.3.7-1.el8
Update description:
golang-x-text
Update to 0.3.7. Fixes rhbz#1945761.
Mitigate CVE-2021-38561 (rhbz#2100495).
golang-x-net
Rebuild to mitigate CVE-2021-38561 (rhbz#2100495).
CVE-2013-1891
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.
CVE-2013-1916
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not been yet approved.
python-twisted-22.4.0-1.fc35
FEDORA-2022-9a489fa494
Packages in this update:
python-twisted-22.4.0-1.fc35
Update description:
Update to 22.4.0 Close: rhbz#2046562 rhbz#2073115 rhbz#2060972 rhbz#2059508
Security fix CVE-2022-24801
Security fix for CVE-2022-21716
Security fix for CVE-2022-21712
python-twisted-22.4.0-1.fc36
FEDORA-2022-71b66d4747
Packages in this update:
python-twisted-22.4.0-1.fc36
Update description:
Update to 22.4.0 Close: rhbz#2046562 rhbz#2073115 rhbz#2060972 rhbz#2059508
Security fix CVE-2022-24801
Security fix for CVE-2022-21716
Security fix for CVE-2022-21712