Multiple vulnerabilities have been discovered in the lrzip compression
program which could result in denial of service or potentially the
execution of arbitrary code.
Category Archives: Advisories
USN-5438-1: HTMLDOC vulnerability
It was discovered that HTMLDOC did not properly manage memory under certain
circumstances. If a user were tricked into opening a specially crafted HTML
file, a remote attacker could possibly use this issue to cause HTMLDOC to
crash, resulting in a denial of service, or possibly execute arbitrary code.
python-jwt-2.4.0-1.el9
FEDORA-EPEL-2022-91e9137f63
Packages in this update:
python-jwt-2.4.0-1.el9
Update description:
Update to 2.4.0 to address CVE-2022-29217.
https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
python-jwt-2.4.0-1.fc36
FEDORA-2022-3cf456dc20
Packages in this update:
python-jwt-2.4.0-1.fc36
Update description:
Update to 2.4.0 to address CVE-2022-29217.
https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
python-jwt-2.4.0-1.fc35
FEDORA-2022-4ae9110f51
Packages in this update:
python-jwt-2.4.0-1.fc35
Update description:
Update to 2.4.0 to address CVE-2022-29217.
https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
USN-5437-1: libXfixes vulnerability
Tobias Stoeckmann discovered that libXfixes incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
weechat-3.5-2.fc35
FEDORA-2022-127b6e8a95
Packages in this update:
weechat-3.5-2.fc35
Update description:
Update to new upstream version.
weechat-3.5-2.fc36
FEDORA-2022-d165104234
Packages in this update:
weechat-3.5-2.fc36
Update description:
Update to new upstream version.
weechat-3.5-2.fc34
FEDORA-2022-6e226a21ed
Packages in this update:
weechat-3.5-2.fc34
Update description:
Update to new upstream version.
CVE-2021-32958
Successful exploitation of this vulnerability on Claroty Secure Remote Access (SRA) Site versions 3.0 through 3.2 allows an attacker with local command line interface access to gain the secret key, subsequently allowing them to generate valid session tokens for the web user interface (UI). With access to the web UI, an attacker can access assets managed by the SRA installation and could compromise the installation.