what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2020-28458

Status Candidate

Overview

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.

Related Files

Red Hat Security Advisory 2021-1169-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1169-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-20921, CVE-2020-25657, CVE-2020-28458, CVE-2020-28477
SHA-256 | ad61386766366b722b219913b56b8cfa60dfc16f9db363fa82bc4c4108510fb1
Red Hat Security Advisory 2021-1184-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1184-01 - The ovirt-hosted-engine-setup package provides a self-hosted engine tool for the Red Hat Virtualization Manager. A self-hosted engine is a virtualized environment in which the Manager runs on a virtual machine on the hosts managed by the Manager. Bug Fix: In this release, it is now possible to enter a path to the OVA archive for local appliance installation using the cockpit-ovirt UI. Previously, following a successful migration on the Self-hosted Engine, he HA agent on the source host immediately moved to the state EngineDown, and shorly thereafter tried to start the engine locally, if the destination host didn't update the shared storage quickly enough, marking the Manager virtual machine as being up. As a result, starting the virtual machine failed due to a shared lock held by the destination host. This also resulted in generating false alarms and notifications. In this release, the HA agent first moves to the state EngineMaybeAway, providing the destination host more time to update the shared storage with the updated state. As a result, no notifications or false alarms are generated. Note: in scenarios where the virtual machine needs to be started on the source host, this fix slightly increases the time it takes the Manager virtual machine on the source host to start.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2020-28458
SHA-256 | 8c4853f907f45df559cfbcef018d60c5fcb4358ea5aa03417502549b5e324f5e
Red Hat Security Advisory 2021-1186-01
Posted Apr 14, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1186-01 - The ovirt-engine package provides the manager for virtualization environments. This manager enables admins to define hosts and networks, as well as to add storage, create VMs and manage user permissions. Bug Fix: Previously, saving user preferences in the Red Hat Virtualization Manager required the MANIPULATE_USERS permission level. As a result, user preferences were not saved on the server. In this release, the required permission level for saving user preferences was changed to EDIT_PROFILE, which is the permission level assigned by default to all users. As a result, saving user preferences works as expected. Issues addressed include a cross site scripting vulnerability.

tags | advisory, xss
systems | linux, redhat
advisories | CVE-2019-20921, CVE-2020-28458
SHA-256 | 4c18c1012319e88173dfbea22f337e2c7cfbebdf4b2a56114c37dc6509ff743c
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close