It was discovered that ImageMagick incorrectly handled certain malformed
image files. If a user or automated system using ImageMagick were tricked
into opening a specially crafted image, an attacker could exploit this to
cause a denial of service or execute code with the privileges of the user
invoking the program.
ruby-3.3.5-14.fc42
Update to Ruby 3.3.5
It was discovered that Twisted incorrectly handled response order when
processing multiple HTTP requests. A remote attacker could possibly use
this issue to delay and manipulate responses.
This issue only affected Ubuntu 24.04 LTS. (CVE-2024-41671)
It was discovered that Twisted did not properly sanitize certain input.
An attacker could use this vulnerability to possibly execute an HTML
injection leading to a cross-site scripting (XSS) attack.
(CVE-2024-41810)
osc-1.9.1-420.1.1.el9
New upstream release 1.9.1, fixes CVE-2024-22034
osc-1.9.1-420.1.1.fc39
New upstream release 1.9.1, fixes CVE-2024-22034
osc-1.9.1-420.1.1.fc40
New upstream release 1.9.1, fixes CVE-2024-22034
osc-1.9.1-420.1.1.fc41
New upstream release 1.9.1, fixes CVE-2024-22034
Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code.
mbedtls-2.28.9-1.fc41
Update to 2.28.9
Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.9
