A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by ‘Rocco Calvi (@TecR0c) with TecSecurity’ was reported to the affected vendor on: 2024-10-01, 0 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 30
<<< application/pkcs7-signature; name=”smime.p7s”: Unrecognized >>>
It was discovered that Flatpak incorrectly handled certain persisted
directories. An attacker could possibly use this issue to read
and write files in locations it would not normally have access to.
A patch was also needed to Bubblewrap in order to avoid race
conditions caused by this fix.
crosswords-0.3.13.3-4.fc41
Update to 0.3.13.3 and fix gresource generation
perl-App-cpanminus-1.7047-2.fc39
Patch the code to use https instead of http (CVE-2024-45321)
perl-App-cpanminus-1.7047-4.fc40
Patch the code to use https instead of http (CVE-2024-45321)
perl-App-cpanminus-1.7047-5.fc41
Patch the code to use https instead of http (CVE-2024-45321)
logiops-0.3.5-1.fc39
Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence
logiops-0.3.5-1.fc40
Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence
logiops-0.3.5-1.fc41
Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a potentially malicious sequence
