Latest Fedoraproject Extra Packages For Enterprise Linux Vulnerabilities

Exim: SMTP smuggling
ubuntu/exim4<4.86.2-2ubuntu2.6+
ubuntu/exim4<4.90.1-1ubuntu1.10+
ubuntu/exim4<4.93-13ubuntu1.10
ubuntu/exim4<4.95-4ubuntu2.5
ubuntu/exim4<4.96-17ubuntu2.2
ubuntu/exim4<4.97-3
and 8 more
Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
Broadcom Tcpreplay=4.4.3
Broadcom Tcpreplay=4.4.4
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=39
W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for CVE-2022-38223)
Tats W3m=0.5.3+git20230121-1
Tats W3m=0.5.3+git20230121-2
Tats W3m=0.5.3+git20230129
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=39
debian/w3m<=0.5.3-37
debian/w3m<=0.5.3-37+deb10u1
debian/w3m<=0.5.3+git20210102-6+deb11u1
debian/w3m<=0.5.3+git20230121-2
and 6 more
Mock: privilege escalation for users that can access mock configuration
Rpm-software-management Mock
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Extra Packages For Enterprise Linux=9.0
Fedoraproject Fedora=38
Fedoraproject Fedora=39
and 7 more
Ansible: template injection
pip/ansible-core<2.14.12
pip/ansible-core>=2.15.0<2.15.8
pip/ansible-core>=2.16.0<2.16.1
Redhat Ansible<2.14.12
Redhat Ansible>=2.15.0<2.15.7
Redhat Ansible=2.16.0
and 11 more
RCE due to LFI risk in some misconfigured shared hosting environments
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 12 more
Insufficient capability checks when updating the parent of a course category
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
Cache poisoning risk with endpoint revision numbers
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
Auto-populated H5P author name causes a potential information leak
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
Moodle: duplicating a BigBlueButton activity assigns the same meeting ID
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
Moodle Moodle>=4.0.0<4.0.11
Moodle Moodle>=4.1.0<4.1.6
Moodle Moodle>=4.2.0<4.2.3
and 2 more
Students can view other users in "only see own membership" groups
redhat/moodle<4.2.3
Moodle Moodle=4.2.2
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=38
composer/moodle/moodle<4.3.0-rc2
Authenticated remote code execution risk in IMSCP
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
Moodle Moodle<3.9.24
and 7 more
Authenticated remote code execution risk in lesson
redhat/moodle<4.2.3
redhat/moodle<4.1.6
redhat/moodle<4.0.11
redhat/moodle<3.11.17
redhat/moodle<3.9.24
composer/moodle/moodle<4.3.0-rc2
and 7 more
ImageMagick: heap use-after-free in coders/bmp.c
redhat/ImageMagick<7.1.2
ubuntu/imagemagick<8:6.9.7.4+dfsg-16ubuntu6.15+
ubuntu/imagemagick<8:6.9.10.23+dfsg-2.1ubuntu11.9+
ubuntu/imagemagick<8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3+
ubuntu/imagemagick<8:6.7.7.10-6ubuntu3.13+
ubuntu/imagemagick<8:6.8.9.9-7ubuntu5.16+
and 6 more
W3m: out of bounds read in growbuf_to_str() at w3m/indep.c
Tats W3m=0.5.3+git20230121
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
W3m Project W3m=0.5.3+git20230121
W3m: out of bounds read in strnew_size() at w3m/str.c
Tats W3m=0.5.3+git20230121
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
W3m Project W3m=0.5.3+git20230121
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an ap...
ImageMagick ImageMagick<7.1.1-19
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora
redhat/ImageMagick 7.1.1<19
ubuntu/imagemagick<8:6.9.11.60+dfsg-1.3ubuntu0.22.04.3+
ubuntu/imagemagick<8:6.9.11.60+dfsg-1.3ubuntu0.22.10.5
and 3 more
A heap-based buffer overflow issue was discovered in ImageMagick's ReadTIM2ImageData() function in coders/tim2.c. A local attacker could trick the user into opening a specially crafted file, triggering an...
ImageMagick ImageMagick<7.1.1-10
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
A heap use-after-free issue was discovered in ImageMagick's ReplaceXmpValue() function in MagickCore/profile.c. An attacker could trick a user into opening a specially crafted file to convert, triggering an ...
ImageMagick ImageMagick<7.1.1-10
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
redhat/ImageMagick 7.1.1<10
A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious TIFF file, causing an applicatio...
ImageMagick ImageMagick<6.9.12-26
ImageMagick ImageMagick>=7.1.1-0<7.1.1-10
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
redhat/ImageMagick 6.9.12<26
and 6 more
A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.
Sound Exchange Project Sound Exchange<=14.4.3
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.
ubuntu/sox<14.4.2+
ubuntu/sox<14.4.2-3ubuntu0.18.04.3+
ubuntu/sox<14.4.2+
ubuntu/sox<14.4.2+
ubuntu/sox<14.4.2+
ubuntu/sox<14.4.1-3ubuntu1.1+
and 12 more
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
Sox Project Sox=14.4.3
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
A vulnerability was found in ImageMagick. This security flaw causes a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
ImageMagick ImageMagick<7.1.1.11
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
A vulnerability was found in ImageMagick. This security flaw occurs as undefined behavior when casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
ImageMagick ImageMagick<7.1.1.11
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
and 9 more
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
ImageMagick ImageMagick<7.1.1.11
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.
Sox Project Sox=14.4.3
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=38
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
A vulnerability was found in Moodle which exists due to insufficient sanitization of user-supplied data in the external Wiki method for listing pages. A remote attacker can send a specially crafted request...
Moodle Moodle>=3.9.0<3.9.21
Moodle Moodle>=3.11.0<3.11.14
Moodle Moodle>=4.0.0<4.0.8
Moodle Moodle>=4.1.0<4.1.3
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=36
and 7 more
A vulnerability was found in Moodle which exists because the application allows a user to control the path of the folder to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request...
Moodle Moodle>=4.1.0<4.1.3
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Fedoraproject Fedora=38
redhat/moodle<4.1.3
and 1 more
A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass a specially crafted file to convert, trigg...
<6.9.12-84
=7.1.1-4
=8.0
=37
ImageMagick ImageMagick<6.9.12-84
ImageMagick ImageMagick=7.1.1-4
and 9 more
A specially created SVG file that loads itself can cause a segmentation fault. Remote attackers can take advantage of this vulnerability to cause a denial of service of the generated SVG file. It see...
<7.1.1-0
=8.0
=9.0
=36
=37
=8.0
and 16 more
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious...
redhat/haproxy<0:2.4.17-3.el9_1.2
redhat/haproxy<0:2.4.7-2.el9_0.2
redhat/haproxy<0:2.2.19-3.el8
redhat/haproxy<0:2.2.24-2.el8
redhat/haproxy<0:2.2.24-3.rhaos4.13.el8
redhat/haproxy<0:2.2.15-6.el8
and 24 more
Impact: It is possible to craft an environment variable with newlines to add entries to a container's /etc/passwd. It is possible to circumvent admission validation of username/UID by adding such a...
redhat/cri-o<0:1.24.4-10.rhaos4.11.git1ed5ac5.el8
redhat/cri-o<0:1.25.2-10.rhaos4.12.git0a083f9.el8
Kubernetes CRI-O
Redhat Openshift Container Platform For Arm64=4.12
Redhat Openshift Container Platform For Linuxone=4.12
Redhat Openshift Container Platform For Power=4.12
and 11 more
The rxvt-unicode package is vulnerable to remote code execution in the Perl background extension when an attacker can control the data written to the user's terminal and certain options are set.
Rxvt-unicode Project Rxvt-unicode=9.25
Rxvt-unicode Project Rxvt-unicode=9.26
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
redhat/rxvt-unicode<9.30
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potent...
QEMU qemu<=7.1.0
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=37
Redhat Enterprise Linux=8.0
redhat/qemu-kvm<7.2.0
A blind Server-Side Request Forgery (SSRF) vulnerability was found in Moodle. This flaw exists due to insufficient validation of user-supplied input in LTI provider library. The library does not utili...
Moodle Moodle<3.9.18
Moodle Moodle>=3.11.0<3.11.11
Moodle Moodle>=4.0.0<4.0.5
Fedoraproject Extra Packages For Enterprise Linux=7.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 4 more
Severity/Risk: Minor Versions affected: 4.0 to 4.0.3, 3.11 to 3.11.9, 3.9 to 3.9.16 and earlier unsupported versions Versions fixed: 4.0.4, 3.11.10 and 3.9.17 Reported by: Jari Vilkman and Bjørn T...
Moodle Moodle>=3.9.0<3.9.17
Moodle Moodle>=3.11.0<3.11.10
Moodle Moodle>=4.0.0<4.0.4
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Severity/Risk: Minor Versions affected: 4.0 to 4.0.3, 3.11 to 3.11.9, 3.9 to 3.9.16 and earlier unsupported versions Versions fixed: 4.0.4, 3.11.10 and 3.9.17 Reported by: Vincent CVE identifier: ...
Moodle Moodle>=3.9.0<3.9.17
Moodle Moodle>=3.11.0<3.11.10
Moodle Moodle>=4.0.0<4.0.4
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Severity/Risk: Serious Versions affected: 4.0 to 4.0.3, 3.11 to 3.11.9, 3.9 to 3.9.16 and earlier unsupported versions Versions fixed: 4.0.4, 3.11.10 and 3.9.17 Reported by: Adam Roberts, NCC Grou...
Moodle Moodle>=3.9.0<3.9.17
Moodle Moodle>=3.11.0<3.11.10
Moodle Moodle>=4.0.0<4.0.4
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
ImageMagick ImageMagick<6.9.12-62
ImageMagick ImageMagick>=7.1.0-0<7.1.0-47
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Extra Packages For Enterprise Linux=9.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 3 more
In ImageMagick 7.1.0-29, a crafted file could trigger an assertion failure when a call to WriteImages was made in MagickWand/operation.c, due to a NULL image list. This could potentially cause a denia...
redhat/ImageMagick 7.1.0<30
Fedoraproject Extra Packages For Enterprise Linux=8.0
ImageMagick ImageMagick<7.1.0-30
Fedoraproject Fedora=36
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI i...
Google Chrome<103.0.5060.134
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Google Chrome<103.0.5060.53
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Heap buffer overflow in WebRTC
Apple Safari<15.6
<12.5
Apple iOS<15.6
Apple iPadOS<15.6
Google Chrome<103.0.5060.114
WebRTC WebRTC
and 31 more
Type Confusion in V8
Google Chrome<103.0.5060.114
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned char' at coders/psd.c when crafted or untrusted input is processed. This leads to a ne...
<6.9.12-43
>=7.1.0<7.1.0-28
=8.0
=36
=7.0
ImageMagick ImageMagick<6.9.12-43
and 12 more
A vulnerability was found in ImageMagick, causing a value outside the range of representable values of type 'unsigned long' at coders/pcl.c when crafted or untrusted input is processed. This leads to a ne...
<6.9.12-44
>=7.1.0<7.1.0-29
=8.0
=36
=6.0
=7.0
and 15 more
Use after free in Chrome OS Shell
Google Chrome<103.0.5060.114
Google Chrome OS
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=35
Fedoraproject Fedora=36
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not properly abort when someone provides an empty password...
FreeRDP FreeRDP<2.7.0
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Fedoraproject Fedora=36
The package git before 1.11.0 is vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git f...
redhat/rubygem-git<0:1.11.0-1.el8
Git Git<1.11.0
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 1 more
