A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak.
Category Archives: Advisories
CVE-2021-22100
In cloud foundry CAPI versions prior to 1.122, a denial-of-service attack in which a developer can push a service broker that (accidentally or maliciously) causes CC instances to timeout and fail is possible. An attacker can leverage this vulnerability to cause an inability for anyone to push or manage apps.
CVE-2020-21554
A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_list parameter in controllersadmin.php, which could let a malicious user delete any file such as install.lock to reinstall cms.
skopeo-1.7.0-1.fc34
FEDORA-2022-6043a7b938
Packages in this update:
skopeo-1.7.0-1.fc34
Update description:
Security fix for CVE-2022-21698, skopeo likely not directly impacted
skopeo-1.7.0-1.fc36
FEDORA-2022-5f253807ce
Packages in this update:
skopeo-1.7.0-1.fc36
Update description:
Security fix for CVE-2022-21698, skopeo likely not directly impacted
tests subpackage depends on /usr/sbin/unsquashfs
skopeo-1.7.0-1.fc35
FEDORA-2022-eda0e65b01
Packages in this update:
skopeo-1.7.0-1.fc35
Update description:
Security fix for CVE-2022-21698, skopeo likely not directly impacted.
tests subpackage depends on /usr/sbin/unsquashfs
openssl1.1-1.1.1n-1.fc36
FEDORA-2022-8bb51f6901
Packages in this update:
openssl1.1-1.1.1n-1.fc36
Update description:
Security fix for CVE-2022-0778
openssl1.1-1.1.1n-1.fc37
FEDORA-2022-d6cd1e0cc1
Packages in this update:
openssl1.1-1.1.1n-1.fc37
Update description:
Automatic update for openssl1.1-1.1.1n-1.fc37.
Changelog
* Thu Mar 24 2022 Clemens Lang <cllang@redhat.com> – 1:1.1.1n-1
– Upgrade to version 1.1.1n
Resolves: CVE-2022-0778, rhbz#2064918
CVE-2018-25032
zlib 1.2.11 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
ghc-cmark-gfm-0.2.3-1.fc34 ghc-hakyll-4.13.4.0-5.1.fc34 gitit-0.13.0.0-5.1.fc34 pandoc-2.9.2.1-10.fc34 pandoc-citeproc-0.17.0.1-5.fc34 patat-0.8.6.1-1.1.fc34
FEDORA-2022-1f981071eb
Packages in this update:
ghc-cmark-gfm-0.2.3-1.fc34
ghc-hakyll-4.13.4.0-5.1.fc34
gitit-0.13.0.0-5.1.fc34
pandoc-2.9.2.1-10.fc34
pandoc-citeproc-0.17.0.1-5.fc34
patat-0.8.6.1-1.1.fc34
Update description:
Security fix for CVE-2022-24724
https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x
fixed upstream in Haskell cmark-gfm-0.2.3 in bundled cmark-gfm-0.29.0.gfm.3 C library
pandoc-citeproc: update HsYAML-aeson to 0.2.0.1