Automatically generated suggestions

CVE-2024-6519
8.2 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): HIGH
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 weeks, 2 days ago
Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability

A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.

qemu
qemu-kvm
qemu-kvm-ma
virt:av/qemu-kvm
virt:rhel/qemu-kvm

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

pkgs.qemu_xen_4_15

A generic and open source machine emulator and virtualizer

pkgs.qemu_xen_4_15-light

A generic and open source machine emulator and virtualizer
Notify package maintainers: 11
CVE-2024-25590
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
created 2 weeks, 2 days ago
Crafted responses can lead to a denial of service due to cache inefficiencies in the Recursor

An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service.

pdns-recursor
<5.1.2
<4.9.9
<5.0.9
Notify package maintainers: 1
CVE-2023-6841
7.5 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): HIGH
updated 2 weeks ago by @LeSuisse
Activity log
  • Created automatic suggestion
  • @LeSuisse removed 3 packages
    • pkgs.terraform-providers.keycloak 4.4.0
    • pkgs.python311Packages.python-keycloak 4.0.0
    • pkgs.python312Packages.python-keycloak 4.0.0
Keycloak: amount of attributes per object is not limited and it may lead to dos

A denial of service vulnerability was found in Keycloak where the number of attributes per object is not limited. An attacker sending repeated HTTP requests could cause resource exhaustion when the application sends back rows with long attribute values.

keycloak
Notify package maintainers: 3
CVE-2024-3727
8.3 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): REQUIRED
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
created 2 weeks, 3 days ago
Containers/image: digest type does not guarantee valid type

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

cri-o
*
image
<5.30.1
<5.29.3
conmon
podman
*
skopeo
*
buildah
*
atomic-openshift
osbuild-composer
containers-common
openshift-clients
openshift4/ose-cli
devspaces/udi-rhel8
container-tools:rhel8
*
openshift4/ose-deployer
quay/quay-builder-rhel8
openshift4/ose-installer
ocp-tools-4/jenkins-rhel8
source-to-image-container
container-tools:4.0/conmon
container-tools:4.0/podman
container-tools:4.0/skopeo
openshift4/ose-tools-rhel8
container-tools:4.0/buildah
container-tools:rhel8/conmon
container-tools:rhel8/podman
container-tools:rhel8/skopeo
openshift-serverless-clients
openshift4/ose-cli-artifacts
container-tools:rhel8/buildah
oadp/oadp-velero-plugin-rhel8
oadp/oadp-velero-plugin-rhel9
*
openshift4/ose-docker-builder
multicluster-engine/hive-rhel8
openshift4/ose-olm-rukpak-rhel8
openshift4/ose-operator-registry
rhacm2/submariner-rhel8-operator
openshift4/oc-mirror-plugin-rhel8
openshift4/ose-installer-artifacts
osp-director-provisioner-container
openshift4/assisted-installer-rhel8
ocp-tools-4/jenkins-agent-base-rhel8
container-tools:4.0/containers-common
source-to-image/source-to-image-rhel8
openshift-serverless-1/client-kn-rhel8
openshift4/ose-machine-config-operator
openshift4/ose-operator-registry-rhel9
*
container-tools:rhel8/containers-common
multicluster-engine/agent-service-rhel8
openshift4/ose-installer-altinfra-rhel8
openshift4/ose-baremetal-installer-rhel7
openshift4/ose-baremetal-installer-rhel8
openshift4/ose-openshift-apiserver-rhel7
openshift4/ose-openshift-apiserver-rhel8
openshift4/assisted-installer-agent-rhel8
openshift4/ose-operator-lifecycle-manager
*
advanced-cluster-security/rhacs-main-rhel8
*
ose-openshift-controller-manager-container
rhai-tech-preview/assisted-installer-rhel8
rhmtc/openshift-migration-controller-rhel8
*
ose-installer-terraform-providers-container
advanced-cluster-security/rhacs-roxctl-rhel8
*
multicluster-engine/assisted-installer-rhel8
openshift4/assisted-installer-reporter-rhel8
openshift4/ose-machine-config-rhel9-operator
*
openshift4/ose-olm-operator-controller-rhel8
openshift4/ose-olm-operator-controller-rhel9
*
advanced-cluster-security/rhacs-scanner-rhel8
*
rhacm2-tech-preview/submariner-rhel8-operator
advanced-cluster-security/rhacs-rhel8-operator
*
openshift4/ose-openshift-proxy-pull-test-rhel8
advanced-cluster-security/rhacs-collector-rhel8
*
advanced-cluster-security/rhacs-operator-bundle
*
container-native-virtualization/virt-cdi-cloner
openshift4/ose-agent-installer-api-server-rhel8
openshift4/ose-agent-installer-node-agent-rhel8
openshift4/ose-agent-installer-node-agent-rhel9
*
openshift4/ose-operator-lifecycle-manager-rhel9
*
advanced-cluster-security/rhacs-central-db-rhel8
*
advanced-cluster-security/rhacs-scanner-db-rhel8
*
advanced-cluster-security/rhacs-scanner-v4-rhel8
*
rhai-tech-preview/assisted-installer-agent-rhel8
container-native-virtualization/virt-cdi-importer
container-native-virtualization/virt-cdi-operator
openshift-sandboxed-containers/osc-rhel9-operator
openshift4/ose-agent-installer-csr-approver-rhel8
openshift4/ose-agent-installer-orchestrator-rhel8
*
openshift4/ose-agent-installer-orchestrator-rhel9
*
openshift4/ose-openshift-controller-manager-rhel7
openshift4/ose-openshift-controller-manager-rhel8
advanced-cluster-security/rhacs-scanner-slim-rhel8
*
container-native-virtualization/virt-cdi-apiserver
multicluster-engine/assisted-installer-agent-rhel8
advanced-cluster-security/rhacs-scanner-v4-db-rhel8
*
container-native-virtualization/virt-cdi-controller
rhai-tech-preview/assisted-installer-reporter-rhel8
advanced-cluster-security/rhacs-collector-slim-rhel8
*
container-native-virtualization/virt-cdi-uploadproxy
openshift-sandboxed-containers/osc-must-gather-rhel8
openshift-sandboxed-containers/osc-must-gather-rhel9
advanced-cluster-security/rhacs-scanner-db-slim-rhel8
*
container-native-virtualization/virt-cdi-cloner-rhel9
container-native-virtualization/virt-cdi-uploadserver
multicluster-engine/assisted-installer-reporter-rhel8
container-native-virtualization/virt-cdi-importer-rhel9
container-native-virtualization/virt-cdi-operator-rhel9
container-native-virtualization/virt-cdi-apiserver-rhel9
container-native-virtualization/virt-cdi-controller-rhel9
*
container-native-virtualization/virt-cdi-uploadproxy-rhel9
container-native-virtualization/virt-cdi-uploadserver-rhel9
openshift-sandboxed-containers-tech-preview/osc-rhel8-operator
openshift-sandboxed-containers-tech-preview/osc-must-gather-rhel8

pkgs.cri-o

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

pkgs.conmon

OCI container runtime monitor

pkgs.imagej

Image processing and analysis in Java

pkgs.podman

Program for managing pods, containers and container images

pkgs.skopeo

Command line utility for various operations on container images and image repositories

pkgs.buildah

Tool which facilitates building OCI images

pkgs.trimage

Cross-platform tool for optimizing PNG and JPG files

pkgs.utsushi

SANE utsushi backend for some Epson scanners

pkgs.genimage

Generate filesystem images from directory trees

pkgs.imagelol

Simple program to store a file into a PNG image

pkgs.mkuimage

Create small Go-based root file systems -- with support for CPIOs and (TBD) Docker images

pkgs.SDL_image

SDL image library

pkgs.conmon-rs

OCI container runtime monitor written in Rust

pkgs.freeimage

Open Source library for accessing popular graphics image file formats

pkgs.partimage

Opensource disk backup software

pkgs.termimage

Display images in your terminal

pkgs.usbimager

Very minimal GUI app that can write compressed disk images to USB drives

pkgs.vcdimager

Full-featured mastering suite for authoring, disassembling and analyzing Video CDs and Super Video CDs

pkgs.SDL2_image

SDL image library

pkgs.image-roll

Simple and fast GTK image viewer with basic image manipulation tools

pkgs.podman-tui

Podman Terminal UI

pkgs.rpi-imager

Raspberry Pi Imaging Utility

pkgs.xloadimage

Graphics file viewer under X11

pkgs.appimagekit

Tool to package desktop applications as AppImages

pkgs.image_optim

Optimize images using multiple utilities

pkgs.imagemagick

Software suite to create, edit, compose, or convert bitmap images

pkgs.libappimage

Implements functionality for dealing with AppImage files

pkgs.openimageio

Library and tools for reading and writing images

pkgs.appimage-run

pkgs.gtkimageview

Image viewer widget for GTK

pkgs.imagemagick6

Software suite to create, edit, compose, or convert bitmap images

pkgs.imageworsener

Raster image scaling and processing utility

pkgs.libimagequant

Image quantization library

pkgs.onmetal-image

Onmetal OCI Image Specification, Library and Tooling

pkgs.sic-image-cli

Accessible image processing and conversion from the terminal

pkgs.SDL2_image_2_0

SDL image library

pkgs.SDL2_image_2_6

SDL image library

pkgs.appimageupdate

Update AppImages using information embedded in the AppImage itself

pkgs.image-analyzer

Suite of tools for emulating optical drives and discs

pkgs.imagemagickBig

Software suite to create, edit, compose, or convert bitmap images

pkgs.isoimagewriter

Program to write hybrid ISO files onto USB disks

pkgs.kubectl-images

Show container images used in the cluster

pkgs.podman-compose

Implementation of docker-compose with podman backend

pkgs.podman-desktop

A graphical tool for developing on containers and Kubernetes

pkgs.cargo-bootimage

Creates a bootable disk image from a Rust OS kernel

pkgs.cri-o-unwrapped

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

pkgs.imagemagick6Big

Software suite to create, edit, compose, or convert bitmap images

pkgs.lxqt.lximage-qt

Image viewer and screenshot tool for lxqt

pkgs.lxd-image-server

Creates and manages a simplestreams lxd image server on top of nginx

pkgs.mlxbf-bootimages

BlueField boot images

pkgs.openimagedenoise

High-Performance Denoising Library for Ray Tracing

pkgs.appimageupdate-qt

Update AppImages using information embedded in the AppImage itself

pkgs.buildah-unwrapped

Tool which facilitates building OCI images

pkgs.imagemagick_light

Software suite to create, edit, compose, or convert bitmap images

pkgs.xorg.xcbutilimage

pkgs.CuboCore.coreimage

Image viewer from the C Suite

pkgs.appimage-run-tests

pkgs.grub2_pvgrub_image

PvGrub image for use for booting PV Xen guests

pkgs.imagemagick6_light

Software suite to create, edit, compose, or convert bitmap images

pkgs.qt5.qtimageformats

Cross-platform application framework for C++

pkgs.deepin.image-editor

Image editor lib for dtk

pkgs.nomad-driver-podman

Podman task driver for Nomad

pkgs.utsushi-networkscan

Network scan plugin for ImageScan v3

pkgs.alpine-make-vm-image

Make customized Alpine Linux disk image for virtual machines

pkgs.meme-image-generator

Command line utility for creating image macro style memes

pkgs.ascii-image-converter

Convert images into ASCII art on the console

pkgs.luaPackages.image-nvim

🖼️ Bringing images to Neovim.

pkgs.akkuPackages.sdl2-image

Bindings for SDL2_image

pkgs.libsForQt5.kimageformats

pkgs.lua51Packages.image-nvim

🖼️ Bringing images to Neovim.

pkgs.lua52Packages.image-nvim

🖼️ Bringing images to Neovim.

pkgs.lua53Packages.image-nvim

🖼️ Bringing images to Neovim.

pkgs.lua54Packages.image-nvim

🖼️ Bringing images to Neovim.

pkgs.python311Packages.podman

Python bindings for Podman's RESTful API

pkgs.python312Packages.podman

Python bindings for Podman's RESTful API

pkgs.haskellPackages.SDL-image

Binding to libSDL_image

pkgs.haskellPackages.stb-image

A wrapper around Sean Barrett's JPEG/PNG decoder

pkgs.kdePackages.kimageformats

KImageFormats

pkgs.libsForQt5.qtimageformats

Cross-platform application framework for C++

pkgs.luajitPackages.image-nvim

🖼️ Bringing images to Neovim.

pkgs.python311Packages.imageio

Library for reading and writing a wide range of image, video, scientific, and volumetric data formats

pkgs.python312Packages.imageio

Library for reading and writing a wide range of image, video, scientific, and volumetric data formats

pkgs.deepin.deepin-image-viewer

Image viewing tool with fashion interface and smooth performance

pkgs.kdePackages.isoimagewriter

Program to write hybrid ISO files onto USB disks

pkgs.kdePackages.qtimageformats

Cross-platform application framework for C++

pkgs.libsForQt5.kimageannotator

Tool for annotating images

pkgs.libsForQt5.kquickimageedit

Set of QtQuick components providing basic image editing capabilities

pkgs.python311Packages.appimage

AppImage start scripts

pkgs.python312Packages.appimage

AppImage start scripts

pkgs.qt6Packages.qtimageformats

Cross-platform application framework for C++

pkgs.haskellPackages.cairo-image

Image for Cairo

pkgs.kdePackages.kimageannotator

Tool for annotating images

pkgs.kdePackages.kimagemapeditor

Generator of HTML image maps

pkgs.libsForQt5.qtpbfimageplugin

Qt image plugin for displaying Mapbox vector tiles

pkgs.python311Packages.imagehash

Python Perceptual Image Hashing Module

pkgs.python311Packages.imagesize

Getting image size from png/jpeg/jpeg2000/gif file

pkgs.python311Packages.pdf2image

Module that wraps the pdftoppm utility to convert PDF to PIL Image object

pkgs.python312Packages.imagehash

Python Perceptual Image Hashing Module

pkgs.python312Packages.imagesize

Getting image size from png/jpeg/jpeg2000/gif file

pkgs.python312Packages.pdf2image

Module that wraps the pdftoppm utility to convert PDF to PIL Image object

pkgs.qt6Packages.kimageannotator

Tool for annotating images

pkgs.qt6Packages.kquickimageedit

Set of QtQuick components providing basic image editing capabilities

pkgs.haskellPackages.imagefilters

Image Filters (contrast, brightness, gaussian blur, etc)

pkgs.kdePackages.qtpbfimageplugin

Qt image plugin for displaying Mapbox vector tiles

pkgs.python311Packages.ansi2image

Module to convert ANSI text to an image

pkgs.python311Packages.dask-image

Distributed image processing

pkgs.python311Packages.html2image

Package acting as a wrapper around the headless mode of existing web browsers to generate images from URLs and from HTML+CSS strings or files

pkgs.python311Packages.image-diff

CLI tool for comparing images

pkgs.python311Packages.imagededup

Finding duplicate images made easy

pkgs.python311Packages.term-image

Display images in the terminal with python

pkgs.python312Packages.ansi2image

Module to convert ANSI text to an image

pkgs.python312Packages.dask-image

Distributed image processing

pkgs.python312Packages.html2image

Package acting as a wrapper around the headless mode of existing web browsers to generate images from URLs and from HTML+CSS strings or files

pkgs.python312Packages.image-diff

CLI tool for comparing images

pkgs.python312Packages.imagededup

Finding duplicate images made easy

pkgs.python312Packages.term-image

Display images in the terminal with python

pkgs.qt6Packages.qtpbfimageplugin

Qt image plugin for displaying Mapbox vector tiles

pkgs.haskellPackages.hakyll-images

Hakyll utilities to work with images

pkgs.kdePackages.kquickimageeditor

Set of QtQuick components providing basic image editing capabilities

pkgs.libsForQt5.mauikit-imagetools

MauiKit Image Tools Components

pkgs.plasma5Packages.kimageformats

pkgs.python311Packages.slicedimage

Library to access sliced imaging data

pkgs.python312Packages.slicedimage

Library to access sliced imaging data

pkgs.haskellPackages.cabal-appimage

Cabal support for creating AppImage applications

pkgs.plasma5Packages.qtimageformats

Cross-platform application framework for C++

pkgs.python311Packages.scikit-image

Image processing routines for SciPy

pkgs.python312Packages.scikit-image

Image processing routines for SciPy

pkgs.plasma5Packages.kimageannotator

Tool for annotating images

pkgs.plasma5Packages.kquickimageedit

Set of QtQuick components providing basic image editing capabilities

pkgs.python311Packages.image-go-nord

Tool that can convert rgb images to nordtheme palette

pkgs.python311Packages.spatial-image

Multi-dimensional spatial image data structure for scientific Python

pkgs.python312Packages.image-go-nord

Tool that can convert rgb images to nordtheme palette

pkgs.python312Packages.spatial-image

Multi-dimensional spatial image data structure for scientific Python

pkgs.vimPlugins.clipboard-image-nvim

pkgs.freshrss-extensions.reddit-image

FreshRSS extension to process Reddit feeds.

pkgs.plasma5Packages.qtpbfimageplugin

Qt image plugin for displaying Mapbox vector tiles

pkgs.python311Packages.imageio-ffmpeg

FFMPEG wrapper for Python

pkgs.python311Packages.qimage2ndarray

Small python extension for quickly converting between QImages and numpy.ndarrays (in both directions)

pkgs.python312Packages.imageio-ffmpeg

FFMPEG wrapper for Python

pkgs.python312Packages.qimage2ndarray

Small python extension for quickly converting between QImages and numpy.ndarrays (in both directions)

pkgs.vimPlugins.samodostal-image-nvim

pkgs.graphicsmagick-imagemagick-compat

Repack of GraphicsMagick that provides compatibility with ImageMagick interfaces

pkgs.haskellPackages.imagesize-conduit

Determine the size of some common image formats

pkgs.azure-cli-extensions.image-gallery

Support for Azure Image Gallery

pkgs.plasma5Packages.mauikit-imagetools

MauiKit Image Tools Components

pkgs.python311Packages.imagecodecs-lite

Block-oriented, in-memory buffer transformation, compression, and decompression functions

pkgs.python311Packages.imagecorruptions

This package provides a set of image corruptions

pkgs.python312Packages.imagecodecs-lite

Block-oriented, in-memory buffer transformation, compression, and decompression functions

pkgs.python312Packages.imagecorruptions

This package provides a set of image corruptions

pkgs.python311Packages.pytest-image-diff

Pytest helps for compare images and regression

pkgs.python312Packages.pytest-image-diff

Pytest helps for compare images and regression

pkgs.home-assistant-component-tests.image

Open source home automation that puts local control and privacy first

pkgs.haskellPackages.amazonka-imagebuilder

Amazon EC2 Image Builder SDK

pkgs.chickenPackages_5.chickenEggs.stb-image

read png/jpg/tga/bmp/psd/gif/hdr/pic/pnm images into pixels

pkgs.chickenPackages_5.chickenEggs.sdl2-image

Bindings to SDL_image 2

pkgs.azure-cli-extensions.image-copy-extension

Support for copying managed vm images between regions

pkgs.python311Packages.azure-mgmt-imagebuilder

Microsoft Azure Image Builder Client Library for Python

pkgs.python311Packages.opsdroid-get-image-size

Get image width and height given a file path using minimal dependencies

pkgs.python312Packages.azure-mgmt-imagebuilder

Microsoft Azure Image Builder Client Library for Python

pkgs.python312Packages.opsdroid-get-image-size

Get image width and height given a file path using minimal dependencies

pkgs.python311Packages.multiscale-spatial-image

Generate a multiscale, chunked, multi-dimensional spatial image data structure that can serialized to OME-NGFF

pkgs.python312Packages.multiscale-spatial-image

Generate a multiscale, chunked, multi-dimensional spatial image data structure that can serialized to OME-NGFF

pkgs.home-assistant-component-tests.image_upload

Open source home automation that puts local control and privacy first

pkgs.python311Packages.django-versatileimagefield

Replaces django's ImageField with a more flexible interface

pkgs.python312Packages.django-versatileimagefield

Replaces django's ImageField with a more flexible interface

pkgs.chickenPackages_5.chickenEggs.stb-image-write

write png/jpg/tga/bmp images

pkgs.chickenPackages_5.chickenEggs.image-dimensions

Detect image dimensions for common formats

pkgs.chickenPackages_5.chickenEggs.stb-image-resize

resize raw u8/u16/u32/f32-vector images

pkgs.home-assistant-component-tests.image_processing

Open source home automation that puts local control and privacy first

pkgs.python311Packages.types-aiobotocore-imagebuilder

Type annotations for aiobotocore imagebuilder

pkgs.python312Packages.types-aiobotocore-imagebuilder

Type annotations for aiobotocore imagebuilder
Notify package maintainers: 84
CVE-2024-6156
3.8 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
created 2 weeks, 3 days ago
Mark Laing discovered that LXD's PKI mode, until version 5.21.2, …

Mark Laing discovered that LXD's PKI mode, until version 5.21.2, could be bypassed if the client's certificate was present in the trust store.

lxd
<5.21.2
<4.0.10
<5.0.4
<6.1

pkgs.lxd-ui

Web user interface for LXD

pkgs.lxd-lts

Daemon based on liblxc offering a REST API to manage containers

pkgs.lxdvdrip

Command line tool to make a copy from a video DVD for private use

pkgs.lxd-image-server

Creates and manages a simplestreams lxd image server on top of nginx

pkgs.lxd-unwrapped-lts

Daemon based on liblxc offering a REST API to manage containers

pkgs.python311Packages.pylxd

Library for interacting with the LXD REST API

pkgs.python312Packages.pylxd

Library for interacting with the LXD REST API

pkgs.terraform-providers.lxd

Notify package maintainers: 1
CVE-2024-11738
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): NONE
  • Availability impact (A): LOW
created 2 weeks, 4 days ago
Rustls: rustls network-reachable panic in `acceptor::accept`

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service (panic) via a fragmented TLS ClientHello message.

rustls
<0.23.18
rhtas/tuffer-rhel9
rhtas/tuftool-rhel9

pkgs.rustls-ffi

C-to-rustls bindings
Notify package maintainers: 1
CVE-2024-9902
6.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): LOW
  • User interaction (UI): REQUIRED
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): LOW
created 2 weeks, 4 days ago
Ansible-core: ansible-core user may read/write unauthorized content

A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.

ansible-core
*
openstack-ansible-core
ansible-automation-platform/ee-29-rhel8
*
ansible-automation-platform/ee-minimal-rhel8
*
ansible-automation-platform/ee-minimal-rhel9
*
ansible-automation-platform/ansible-builder-rhel8
*
ansible-automation-platform/ansible-builder-rhel9
*

pkgs.ansible

Radically simple IT automation

pkgs.ansible_2_16

Radically simple IT automation

pkgs.ansible_2_17

Radically simple IT automation

pkgs.python311Packages.ansible-core

Radically simple IT automation

pkgs.python312Packages.ansible-core

Radically simple IT automation
CVE-2024-8676
7.4 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): NONE
created 2 weeks, 4 days ago
Cri-o: checkpoint restore can be triggered from different namespaces

A vulnerability was found in CRI-O, where it can be requested to take a checkpoint archive of a container and later be asked to restore it. When it does that restoration, it attempts to restore the mounts from the restore archive instead of the pod request. As a result, the validations run on the pod spec, verifying that the pod has access to the mounts it specifies, are not applicable to a restored container. This flaw allows a malicious user to trick CRI-O into restoring a pod that doesn't have access to host mounts. The user needs access to the kubelet or cri-o socket to call the restore endpoint and trigger the restore.

cri-o
rhcos
conmon
container-tools:rhel8/conmon
container-tools:rhel8/podman

pkgs.cri-o

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface

pkgs.conmon

OCI container runtime monitor

pkgs.conmon-rs

OCI container runtime monitor written in Rust

pkgs.cri-o-unwrapped

Open Container Initiative-based implementation of the Kubernetes Container Runtime Interface
Notify package maintainers: 2
CVE-2024-52615
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): NONE
  • Integrity impact (I): LOW
  • Availability impact (A): NONE
updated 2 weeks ago by @LeSuisse
Activity log
  • Created automatic suggestion
  • @LeSuisse removed 5 packages
    • pkgs.python312Packages.avahi 0.8
    • pkgs.python311Packages.avahi 0.8
    • pkgs.haskellPackages.avahi 0.2.0
    • pkgs.avahi-compat 0.8
    • pkgs.guile-avahi 0.4.1
Avahi: avahi wide-area dns uses constant source port

A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.

avahi
<0.9
rhcos

pkgs.avahi

mDNS/DNS-SD implementation
Notify package maintainers: 2
CVE-2024-49395
5.3 MEDIUM
  • CVSS version: 3.1
  • Attack vector (AV): NETWORK
  • Attack complexity (AC): LOW
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
updated 2 weeks ago by @LeSuisse
Activity log
  • Created automatic suggestion
  • @LeSuisse removed 4 packages
    • pkgs.pantheon.mutter 43.8
    • pkgs.xorg.fontmuttmisc 1.0.4
    • pkgs.gnome.mutter43 43.8
    • pkgs.mutter43 43.8
Mutt: neomutt: bcc email header field is indirectly leaked by cryptographic info block

In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode, which may leak the Bcc email header field because it can be inferred from the recipients info.

mutt

pkgs.mutt

Small but very powerful text-based mail client

pkgs.mutter

Window manager for GNOME

pkgs.neomutt

Small but very powerful text-based mail client

pkgs.mutt-ics

Tool to show calendar event details in Mutt

pkgs.mutt-wizard

System for automatically configuring mutt and isync

pkgs.gnome.mutter

Window manager for GNOME

pkgs.notmuch-mutt

Mutt support for notmuch

pkgs.vimPlugins.nvim-treesitter-parsers.muttrc

Notify package maintainers: 10