In cloud foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to timeout and fail is possible. An attacker can leverage this vulnerability to cause an inability for anyone to push or manage apps.
A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllersadmin.php, which could let a malicious user delete any file such as install.lock to reinstall cms.
skopeo-1.7.0-1.fc34
Security fix for CVE-2022-21698, skopeo likely not directly impacted
skopeo-1.7.0-1.fc36
Security fix for CVE-2022-21698, skopeo likely not directly impacted
tests subpackage depends on /usr/sbin/unsquashfs
skopeo-1.7.0-1.fc35
Security fix for CVE-2022-21698, skopeo likely not directly impacted.
tests subpackage depends on /usr/sbin/unsquashfs
openssl1.1-1.1.1n-1.fc36
Security fix for CVE-2022-0778
openssl1.1-1.1.1n-1.fc37
Automatic update for openssl1.1-1.1.1n-1.fc37.
* Thu Mar 24 2022 Clemens Lang <cllang@redhat.com> – 1:1.1.1n-1
– Upgrade to version 1.1.1n
Resolves: CVE-2022-0778, rhbz#2064918
zlib 1.2.11 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
ghc-cmark-gfm-0.2.3-1.fc34
ghc-hakyll-4.13.4.0-5.1.fc34
gitit-0.13.0.0-5.1.fc34
pandoc-2.9.2.1-10.fc34
pandoc-citeproc-0.17.0.1-5.fc34
patat-0.8.6.1-1.1.fc34
Security fix for CVE-2022-24724
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
fixed upstream in Haskell cmark-gfm-0.2.3 in bundled cmark-gfm-0.29.0.gfm.3 C library
pandoc-citeproc: update HsYAML-aeson to 0.2.0.1
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
