Find the information you need for your favorite open source distribution .
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, privilege escalation or spoofing.
It was discovered that the PEAR Archive_Tar package for handling tar files in PHP is prone to a directory traversal flaw due to inadequate checking of symbolic links.
Jan-Niklas Sohn discovered that missing input sanitising in the XInput extension of the X.org X server may result in privilege escalation if the X server is running privileged.
It was reported that python-bleach, a whitelist-based HTML-sanitizing library, is prone to a mutation XSS vulnerability in bleach.clean when 'svg' or 'math' are in the allowed tags, 'p' or 'br' are in allowed tags, 'style', 'title', 'noscript', 'script', 'textarea', 'noframes',
Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in information disclosure or denial of service. For the stable distribution (buster), these problems have been fixed in
Stan Hu discovered that kramdown, a pure Ruby Markdown parser and converter, performed insufficient namespace validation of Rouge syntax highlighting formatters.
