rubygem-nokogiri-1.13.1-2.fc35
FEDORA-2022-9ed7641ce0 Packages in this update: rubygem-nokogiri-1.13.1-2.fc35 Update description: Backport fix for possible DOS by regex assigned as CVE-2022-24836. Read More
rubygem-nokogiri-1.13.4-1.fc36
FEDORA-2022-d231cb5e1f Packages in this update: rubygem-nokogiri-1.13.4-1.fc36 Update description: New version 1.13.4 is released. This new version addresses possible DOS by regex, assigned as CVE-2022-24836. Read...
composer-2.3.5-1.fc35
FEDORA-2022-47d2e7da46 Packages in this update: composer-2.3.5-1.fc35 Update description: Version 2.3.5 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Added warning when...
composer-2.3.5-1.fc36
FEDORA-2022-60ec715192 Packages in this update: composer-2.3.5-1.fc36 Update description: Version 2.3.5 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Added warning when...
composer-2.3.5-1.el9
FEDORA-EPEL-2022-cfff8c1f5c Packages in this update: composer-2.3.5-1.el9 Update description: Version 2.3.5 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Added warning when...
composer-2.2.12-1.fc34
FEDORA-2022-617a6df23e Packages in this update: composer-2.2.12-1.fc34 Update description: Version 2.2.12 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Fixed curl downloader...
composer-1.10.26-1.el7
FEDORA-EPEL-2022-a970a526cb Packages in this update: composer-1.10.26-1.el7 Update description: Version 1.10.26 - 2022-04-13 Security: Fixed command injection vulnerability in HgDriver/GitDriver (GHSA-x7cr-6qr6-2hh6 / CVE-2022-24828) Version 1.10.25 -...
Microsoft Patch Tuesday 0-day Escalation of Privilege Vulnerability (CVE-2022-24521)
Microsoft has released over 117 security fixes for this month's April 2022 release. Besides the usual security fixes, there were two zero days of note...
Industroyer2 Discovered Attacking Critical Ukrainian Verticals
FortiGuard Labs is aware of new reports of Industroyer2, the successor to the Industroyer malware. First discovered in 2016, Industroyer was attributed to energy grid...
CVE-2019-6834
A CWE-502: Deserialization of Untrusted Data vulnerability exists which could allow an attacker to execute arbitrary code on the targeted system with SYSTEM privileges when...