Ubuntu Security Notice 6142-1 - Gal Goldshtein discovered that nghttp2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.
8db0cfa1ab9c208a5c6578a0215c4766c126c7705ad9c0c431e5eb80778831e7
Debian Linux Security Advisory 5005-1 - A security vulnerability has been found in Kaminari, a pagination engine plugin for Rails 3+ and other modern frameworks, that would allow an attacker to inject arbitrary code into pages with pagination links.
dbd745d6925f25ef097151545adcf0a39b8c2fdc2cb35ffb17db7f107ad9b86f
Red Hat Security Advisory 2020-4647-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. The vinagre packages provide the Vinagre remote desktop viewer for the GNOME desktop. Issues addressed include double free, integer overflow, and out of bounds read vulnerabilities.
f6b531d011f7ebaa409f722443045addc4a82fdb38f716efafed3a5f91a55ec4
Red Hat Security Advisory 2020-4031-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include double free, integer overflow, and out of bounds read vulnerabilities.
d37fa26a22d073b815b332659e669b9540e4614c0ad306ab73cb1a6cc3b20998
Red Hat Security Advisory 2020-3578-01 - OpenShift Container Platform components are primarily written in Go. The golang.org/x/text contains text-related packages which are used for text operations, such as character encodings, text transformations, and locale-specific text handling. Kibana is one of the major components of OpenShift Container Platform cluster logging. It is a browser-based console interface to query, discover, and visualize the log data. Issues addressed include a cross site scripting vulnerability.
76031ee5b291a4db7234b7111c7dc3217a89ce4c9123293670c14dbd76b08150
Red Hat Security Advisory 2020-3525-01 - Quay 3.3.1 release has been released. An issue where build triggers can disclose robot account names and existence of private repos within namespaces has been addressed.
3f0048d4bdec59a51f24f090fac9217f3567fd502a0907966e5df07b310946ee
Red Hat Security Advisory 2020-3372-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
15f8218926e31fddac4d72a068f13ab48a873143fcc6b353105a0e0f83f64a23
October CMS builds 465 and below suffer from arbitrary file read, arbitrary file deletion, file uploading to arbitrary locations, persistent and reflective cross site scripting, and CSV injection vulnerabilities.
db161c36ea18421b21654c361479e95224d40c18622344eb445b051377246742
Red Hat Security Advisory 2020-3084-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service and integer overflow vulnerabilities.
7a4caa69e6c2b55ec9e17b1435e419c0e4f4298a4da2e39e480c2298868fd2f7
Red Hat Security Advisory 2020-3042-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
e7765e130071fe1aed44a6aa897f5dc59df0c6c8f4136fb6ca90fc3edb17713a
Red Hat Security Advisory 2020-2895-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass, denial of service, and integer overflow vulnerabilities.
680e779c9e3835286a8719240773d16d587c92d31d1a764199074cfa834ac3be
Red Hat Security Advisory 2020-2852-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
1e24609706569805264896389d47a50da4b931bded85681c1a9784b359ee9210
Red Hat Security Advisory 2020-2848-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
01d7c988d318715dd14781e26eec5cc619ac01728927cd50142b32f5c9df60c2
Red Hat Security Advisory 2020-2849-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include a denial of service vulnerability.
dc60f758491980ac3a11561215a4caff0c35e2289f85ed044b975b26538c56e1
Red Hat Security Advisory 2020-2847-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include bypass and denial of service vulnerabilities.
e5f4967b448d97773a801b2e8a80c6460ccfb6a255a99ae1e1723bed68884dab
Red Hat Security Advisory 2020-2850-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.
116201c31d0e45a4806e06ae99432f7de0d7d319057ab8a9e0d2a7c6a6372148
Red Hat Security Advisory 2020-2823-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.
e7842fbbcf3bae47b075a53a2a176c7fd73322cb94b6f298a861b649a712e938
Red Hat Security Advisory 2020-2784-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.
94bf8e913e098f956f7b8158d51276e0542af032d25d8ecfaf3f6157e54cf2b4
Debian Linux Security Advisory 4696-1 - Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code.
d8516cb50b72042afd3677ce970bc7873ca8cf7463bb3f2d29ebe7a93cbe32c0
Red Hat Security Advisory 2020-2755-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.
d11adf3d805faf3dbef817e9ef58c4c6f4cd13bf9ad3634b2d52a78080852383
Red Hat Security Advisory 2020-2646-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.
d1788a8e61cb334acd50091690da62efff82c9e0d9528c9f46c5226408959805
Red Hat Security Advisory 2020-2644-01 - This release adds the new Apache HTTP Server 2.4.37 Service Pack 3 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 2 and includes bug fixes and enhancements. Issues addressed include buffer over-read, denial of service, and memory leak vulnerabilities.
3c5cb032e0a7a155597c19347749b668adb80897922efd1951e936de20b50b4f
Red Hat Security Advisory 2020-2524-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
fbfa3ba2771ca3d2c3032055cbc5daf2cd75681af6e4354f70742b1030e2f63e
Red Hat Security Advisory 2020-2523-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Issues addressed include a denial of service vulnerability.
5859bd4dc9842ce8ad71eb33e4bacf18fed875d7b192627c580c22fb4c19d266
Red Hat Security Advisory 2020-2475-01 - .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address a security vulnerability are now available. The updated versions are .NET Core SDK 3.1.105 and .NET Core Runtime 3.1.5. Issues addressed include a denial of service vulnerability.
659636b8f768e3f7761a9dde065662d8eeda36073ddabe3108076813ab877df8