FEDORA-EPEL-2024-ed082ef765
Packages in this update:
chromium-131.0.6778.139-1.el10_0
Update description:
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.el10_0
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.fc41
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.el8
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
chromium-131.0.6778.139-1.fc40
Update to 131.0.6778.139
High CVE-2024-12381: Type Confusion in V8
High CVE-2024-12382: Use after free in Translate
USN-7108-1 fixed vulnerabilities in AysncSSH. This update provides the
corresponding update for Ubuntu 18.04 LTS.
Original advisory details:
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the extension info message. An attacker able to
intercept communications could possibly use this issue to downgrade
the algorithm used for client authentication. (CVE-2023-46445)
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the user authentication request message. An
attacker could possibly use this issue to control the remote end of an SSH
client session via packet injection/removal and shell emulation.
(CVE-2023-46446)
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46908.
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46907.
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46905.
This vulnerability allows remote attackers to escalate privileges on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-46906.
This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.0. The following CVEs are assigned: CVE-2024-12552.