Red Hat Security Advisory 2024-2559-03 - An update for python-jwcrypto is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
d57c593f87b1c3af1db8e653f8db1f35bb9247bc2729d39ae842d3a029078435Ubuntu Security Notice 6758-1 - It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named __proto__. An attacker could possibly use this issue to pollute the prototype of the returned object, setting arbitrary or unexpected keys, and cause a denial of service, allow unintended access to network services or have other unspecified impact, depending on the application's use of the module.
10c35ac640b9fc8c5f799d18da39309e30d744b585fd766bdde2765ee9ecbda3Ubuntu Security Notice 6759-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. If a user were tricked into connecting to a malicious server, a remote attacker could possibly use this issue to cause FreeRDP to crash, resulting in a denial of service.
3a5628139a70311c31214964c15cd8597177950d361357a28e3507256052bf61Red Hat Security Advisory 2024-2447-03 - An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
462bc3d09215be0bbf81e8c4c531f8af9c1a08788384e4109de00f728a5419d4Red Hat Security Advisory 2024-2368-03 - An update for mod_http2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
0f5aa200c9600539480d0e610eaa416fe914f44d18db901641229f81dadf01f1Red Hat Security Advisory 2024-2272-03 - An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
aab3ea11ba3cc43c986d8f387bed1562f9c6e7142c5f49b717d1f8fc9e15cb51Red Hat Security Advisory 2024-2245-03 - An update for buildah is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
e3a890a94fcfd6915e19ffb4ed33d3c57acc11fed1da871a5e574f9854812f19Red Hat Security Advisory 2024-2193-03 - An update for podman is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
5de72c44aefdf5578e02d90c6af0b90c216978f2c1acb52e6fd03f127f8c07d2Red Hat Security Advisory 2024-2184-03 - An update for libsndfile is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and integer overflow vulnerabilities.
2731dd1ec804a96acfe3a51dc62314bf991ab4a07f95f0b946a9cb62f1664ec6Red Hat Security Advisory 2024-2160-03 - An update for toolbox is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
c8d61c7795041e610ddcba8110d59ad4885b82b91d49c53fb5a67a47815eb6d5Red Hat Security Advisory 2024-2156-03 - An update for frr is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service, null pointer, and out of bounds read vulnerabilities.
322e995e947b0f50c6a28c612069dfcfec9b69f5fd131b62429972f99975294aRed Hat Security Advisory 2024-2147-03 - An update for ipa is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
a39117bce15df63c0eeb0adc17a49cd241ff1e935fb21cf7a64795de25961d69Red Hat Security Advisory 2024-2135-03 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service, null pointer, and use-after-free vulnerabilities.
6aed43bd4a645b4866faa207eff247f254ced1faa9c2d71da518875587f3e3f1Red Hat Security Advisory 2024-2126-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution, denial of service, and use-after-free vulnerabilities.
8baa4f4c7bf33e4e714b9101573fdfd7b6c0b19e9a37df72797570d863dca77fRed Hat Security Advisory 2024-2113-03 - An update for pcs is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
6633ba96f1861362e1a73ecab02b3c76a83311f8282bb72ddc29c5caa48cc90aDebian Linux Security Advisory 5675-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
00ccb50fae5e1ffc0dedb975935d1c430bdb1c0605de3c11ff7187b895a8800fUbuntu Security Notice 6744-3 - USN-6744-1 fixed a vulnerability in Pillow. This update provides the corresponding updates for Ubuntu 24.04 LTS. Hugo van Kemenade discovered that Pillow was not properly performing bounds checks when processing an ICC file, which could lead to a buffer overflow. If a user or automated system were tricked into processing a specially crafted ICC file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
a3c5e325117510f72eaab078b9452bd572b5c6a7b644c56f33872ee990abf55dUbuntu Security Notice 6734-2 - USN-6734-1 fixed vulnerabilities in libvirt. This update provides the corresponding updates for Ubuntu 24.04 LTS. Alexander Kuznetsov discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. It was discovered that libvirt incorrectly handled certain RPC library API calls. An attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service.
de9bb025a2d32f7b6bc492105033df1d20ac65f5466d9541f8a4b62ce26e46e5Ubuntu Security Notice 6733-2 - USN-6733-1 fixed vulnerabilities in GnuTLS. This update provides the corresponding updates for Ubuntu 24.04 LTS. It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10.
ddfa9b53cf55c5c796be4d398f38aed182745e8f5742e95f3b46d0343f9fcb73Ubuntu Security Notice 6718-3 - USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service.
ade4e33456f4d06c99e18ff976f56f75797e1d3f0b86ecd687782229e52eb969Ubuntu Security Notice 6729-3 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service.
64bc41b5243d484a6b2e16655cb72ea9b8aa3a19737b46627dbb01cfa4e8fb4eUbuntu Security Notice 6737-2 - USN-6737-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 24.04 LTS. Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.
d547d0cf23618743ec2bd33bede52369b6bc5a9e3ce645acccfd6d92d390e28cRed Hat Security Advisory 2024-2088-03 - An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Issues addressed include denial of service, memory exhaustion, and memory leak vulnerabilities.
85e9f4b82829cdb5154e6b0ed68982f3a590b552ab033dc5ccb8378824c92ab2Red Hat Security Advisory 2024-2079-03 - An update for git-lfs is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
3cd30580ffa328322a6495d5895e0beff813cfc5f046717b71b4649ef9301f27Red Hat Security Advisory 2024-1897-03 - Red Hat OpenShift Container Platform release 4.14.22 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and memory leak vulnerabilities.
3dc7300cb575928816fb3106bb7b92145b5c67d3fa2b7ba1bcb3e3ad75476549
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed