python-django4.2-4.2.16-1.fc39
urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
Dan Smith, Julia Kreger and Jay Faulkner discovered that in
image processing for Ironic, a specially crafted image
could be used by an authenticated user to exploit undesired behaviors
in qemu-img, including possible unauthorized access to potentially
sensitive data.
aardvark-dns-1.12.2-1.fc39
Security fix for CVE-2024-8418
aardvark-dns-1.12.2-1.fc40
Security fix for CVE-2024-8418
aardvark-dns-1.12.2-1.fc41
Security fix for CVE-2024-8418
It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or execute code with the privileges of the user
invoking the program.
ruby-3.3.5-14.fc42
Update to Ruby 3.3.5
It was discovered that Twisted incorrectly handled response order when
processing multiple HTTP requests. A remote attacker could possibly use
this issue to delay and manipulate responses.
This issue only affected Ubuntu 24.04 LTS. (CVE-2024-41671)
It was discovered that Twisted did not properly sanitize certain input.
An attacker could use this vulnerability to possibly execute an HTML
injection leading to a cross-site scripting (XSS) attack.
(CVE-2024-41810)
osc-1.9.1-420.1.1.el9
New upstream release 1.9.1, fixes CVE-2024-22034
osc-1.9.1-420.1.1.fc39
New upstream release 1.9.1, fixes CVE-2024-22034
