The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both "manifests" and "layers" fields could be
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. References:
Fixes limit recursion in ri-records. (CVE-2021-3622) References: - https://bugs.mageia.org/show_bug.cgi?id=29382 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/USD4OEV6L3RPHE32V2MJ4JPFBODINWSU/
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator
This update fixes a few security related bugs: - regex: fix buffer read overrun in search [BZ# 28470] - nptl: Do not set signal mask on second setjmp return [BZ #28607] References:
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. (CVE-2019-7282)
Server processes unencrypted bytes from man-in-the-middle. (CVE-2021-23214) libpq processes unencrypted bytes from man-in-the-middle. (CVE-2021-23222) References:
All FreeRDP clients prior to version 2.4.1 using gateway connections ('/gt:rpc') fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a
Server-side Request Forgery (SSRF) References: - https://bugs.mageia.org/show_bug.cgi?id=29592 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/HMUJA5GZTPQ5WRYUCCK2GEZM4W43N7HH/
Privilege escalation that allows an attacker to add or remove data in any database or make configuration changes. (CVE-2021-38295) References: - https://bugs.mageia.org/show_bug.cgi?id=29548
Header injection via default_mimetype / default_charset mbstring may use pointer from some previous request Unexpected behavior with arrays and JIT Special character is breaking the path in xml function (CVE-2021-21707) XMLReader::getParserProperty may throw with a valid property
Updated rust packages fix security vulnerability This update mitigates a security concern in the Unicode standard, affecting source code containing "bidirectional override" Unicode codepoints: in some cases the use of those codepoints could lead to the reviewed code being
The chromium-browser-stable package has been updated to 96.0.4664.45 version that fixes multiples security vulnerabilities. For changes from 94.0.4606.71 (released on September 30, 2021) to the 96.0.4664.45 version, see referenced advisories.
A symbolic link (Symlink) following vulnerability in arpwatch allows local attackers with control of the runtime user to run arpwatch and to escalate to root upon the next restart of arpwatch. (CVE-2021-25321) References:
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service. (CVE-2021-42260) References:
CVE-2021-42780: Fixed use after return in insert_pin() (bsc#1192005). CVE-2021-42779: Fixed use after free in sc_file_valid() (bsc#1191992). CVE-2021-42781: Fixed multiple heap buffer overflows in pkcs15-oberthur.c (bsc#1192000). CVE-2021-42782: Stack buffer overflow issues in various places