Two vulnerabilities were discovered in uriparser, a library that parses
Uniform Resource Identifiers (URIs), which may result in denial of
service or potentially in the execution of arbitrary code.
Category Archives: Advisories
A Vulnerability in F5Networks BIG-IP Could Allow for Denial of Service
A vulnerability has been discovered in F5Networks BIG-IP, which could result in a denial-of-service (DoS). BIG-IP is a family of products covering software and hardware designed around application availability, access control, and security solutions. Successful exploitation of this vulnerability could allow an attacker to cause a denial of service to all servers sitting behind the BIG-IP system.
DSA-5062 nss – security update
Tavis Ormandy discovered that incorrect parsing of pkcs7 sequences in
nss, the Mozilla Network Security Service library, may result in denial
of service.
DSA-5061 wpewebkit – security update
The following vulnerabilities have been discovered in the wpewebkit
web engine:
DSA-5060 webkit2gtk – security update
The following vulnerabilities have been discovered in the webkit2gtk
web engine:
DSA-5059 policykit-1 – security update
The Qualys Research Labs discovered a local privilege escalation in
PolicyKit’s pkexec.
DSA-5058 openjdk-17 – security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, bypass of deserialization
restrictions or information disclosure.
DSA-5057 openjdk-11 – security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, bypass of deserialization
restrictions or information disclosure.
DSA-5056 strongswan – security update
Zhuowei Zhang discovered a bug in the EAP authentication client code of
strongSwan, an IKE/IPsec suite, that may allow bypassing the client and, in
some scenarios, even the server authentication, or could lead to a
denial-of-service attack.
DSA-5055 util-linux – security update
The Qualys Research Labs discovered two vulnerabilities in util-linux’s
libmount. These flaws allow an unprivileged user to unmount other users’
filesystems that are either world-writable themselves or mounted in a
world-writable directory (CVE-2021-3996), or to unmount FUSE filesystems
that belong to certain other users (CVE-2021-3995).