Category Archives: Advisories

netconsd-0.2-1.el9

FEDORA-EPEL-2023-55df79c1ba

Packages in this update:

netconsd-0.2-1.el9

Update description:

Update to 0.2 to address CVE-2023-28753; Fixes: RHBZ#2181655

CVE-2021-3674

A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out-of-bounds reads, which can lead to memory corruption and possibly code execution through the binary object’s callback function.

CVE-2021-3684

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the associated user.

CVE-2020-36691

An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.

CVE-2021-3844

Rapid7 InsightVM suffers from insufficient session expiration when an administrator performs a security-relevant edit on an existing, logged-on user. For example, if a user’s password is changed by an administrator due to an otherwise unrelated credential leak, that user account’s current session is still valid after the password change, potentially allowing the attacker who originally compromised the credential to remain logged in and able to cause further damage. This vulnerability is mitigated by the use of the Platform Login feature. This issue is related to CVE-2019-5638.

curl-7.82.0-14.fc36

FEDORA-2023-7e7414e64d

Packages in this update:

curl-7.82.0-14.fc36

Update description:

fix SSH connection too eager reuse still (CVE-2023-27538)
fix GSS delegation too eager connection re-use (CVE-2023-27536)
fix FTP too eager connection reuse (CVE-2023-27535)
fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
fix TELNET option IAC injection (CVE-2023-27533)

curl-7.87.0-7.fc38

FEDORA-2023-0de03a9232

Packages in this update:

curl-7.87.0-7.fc38

Update description:

fix SSH connection too eager reuse still (CVE-2023-27538)
fix HSTS double-free (CVE-2023-27537)
fix GSS delegation too eager connection re-use (CVE-2023-27536)
fix FTP too eager connection reuse (CVE-2023-27535)
fix SFTP path ~ resolving discrepancy (CVE-2023-27534)
fix TELNET option IAC injection (CVE-2023-27533)
