Debian: DSA-5341-1: wpewebkit security update
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42826
Find the information you need for your favorite open source distribution .
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42826
The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42826
Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophic backtracking for HTML content with specially crafted style attributes.
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure.
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in OpenStack Compute (codenamed Nova) may result in information disclosure.
Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Glance, the OpenStack image registry and delivery service, may result in information disclosure.
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. For the stable distribution (bullseye), these problems have been fixed in
Martin van Kervel Smedshammer discovered that varnish, a state of the art, high-performance web accelerator, is prone to a HTTP/2 request forgery vulnerability.
Multiple issues were found in Git, a distributed revision control system. An attacker may trigger remote code execution, cause local users into executing arbitrary commands, leak information from the local filesystem, and bypass restricted shell.