ISHACK AI BOT

Alpine Linux: CVE-2023-45143: Exposure of Sensitive Information to an Unauthorized Actor Severity 4 CVSS (AV:N/AC:H/Au:M/C:P/I:P/A:P) Published 10/12/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/14/2024 Description Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Cookie` headers. By design, `cookie` headers are forbidden request headers, disallowing them to be set in RequestInit.headers in browser environments. Since undici handles headers more liberally than the spec, there was a disconnect from the assumptions the spec made, and undici's implementation of fetch. As such this may lead to accidental leakage of cookie to a third-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the third party site. This was patched in version 5.26.2. There are no known workarounds. Solution(s) alpine-linux-upgrade-nodejs alpine-linux-upgrade-nodejs-current alpine-linux-upgrade-openjdk21 References https://attackerkb.com/topics/cve-2023-45143 CVE - 2023-45143 https://security.alpinelinux.org/vuln/CVE-2023-45143

Alpine Linux: CVE-2023-45853: Integer Overflow or Wraparound Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 10/14/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/14/2024 Description MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API. Solution(s) alpine-linux-upgrade-minizip alpine-linux-upgrade-qt5-qtwebengine alpine-linux-upgrade-zlib alpine-linux-upgrade-qt6-qtwebengine References https://attackerkb.com/topics/cve-2023-45853 CVE - 2023-45853 https://security.alpinelinux.org/vuln/CVE-2023-45853

Rocky Linux: CVE-2023-45863: kernel (Multiple Advisories) Severity 6 CVSS (AV:L/AC:M/Au:M/C:C/I:C/A:C) Published 10/14/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2023-45863 CVE - 2023-45863 https://errata.rockylinux.org/RLSA-2024:2950 https://errata.rockylinux.org/RLSA-2024:3138

Alma Linux: CVE-2023-45863: Moderate: kernel security, bug fix, and enhancement update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:M/Au:M/C:C/I:C/A:C) Published 10/14/2023 Created 06/01/2024 Added 05/31/2024 Modified 01/28/2025 Description An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-64k alma-upgrade-kernel-64k-core alma-upgrade-kernel-64k-debug alma-upgrade-kernel-64k-debug-core alma-upgrade-kernel-64k-debug-devel alma-upgrade-kernel-64k-debug-devel-matched alma-upgrade-kernel-64k-debug-modules alma-upgrade-kernel-64k-debug-modules-core alma-upgrade-kernel-64k-debug-modules-extra alma-upgrade-kernel-64k-devel alma-upgrade-kernel-64k-devel-matched alma-upgrade-kernel-64k-modules alma-upgrade-kernel-64k-modules-core alma-upgrade-kernel-64k-modules-extra alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-devel-matched alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-core alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-debug-uki-virt alma-upgrade-kernel-devel alma-upgrade-kernel-devel-matched alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-core alma-upgrade-kernel-modules-extra alma-upgrade-kernel-rt alma-upgrade-kernel-rt-core alma-upgrade-kernel-rt-debug alma-upgrade-kernel-rt-debug-core alma-upgrade-kernel-rt-debug-devel alma-upgrade-kernel-rt-debug-kvm alma-upgrade-kernel-rt-debug-modules alma-upgrade-kernel-rt-debug-modules-core alma-upgrade-kernel-rt-debug-modules-extra alma-upgrade-kernel-rt-devel alma-upgrade-kernel-rt-kvm alma-upgrade-kernel-rt-modules alma-upgrade-kernel-rt-modules-core alma-upgrade-kernel-rt-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-uki-virt alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-devel-matched alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-core alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-libperf alma-upgrade-perf alma-upgrade-python3-perf alma-upgrade-rtla alma-upgrade-rv References https://attackerkb.com/topics/cve-2023-45863 CVE - 2023-45863 https://errata.almalinux.org/8/ALSA-2024-2950.html https://errata.almalinux.org/8/ALSA-2024-3138.html https://errata.almalinux.org/9/ALSA-2024-2394.html

Samba CVE-2023-42669: CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, and CVE-2023-42670. Please see announcements for details. Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 10/13/2023 Created 10/13/2023 Added 10/13/2023 Modified 01/30/2025 Description A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task. Solution(s) samba-upgrade-4_17_12 samba-upgrade-4_18_8 samba-upgrade-4_19_1 References https://attackerkb.com/topics/cve-2023-42669 CVE - 2023-42669 http://www.samba.org/samba/security/CVE-2023-42669.html

Samba CVE-2023-4091: CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669, and CVE-2023-42670. Please see announcements for details. Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:C/A:N) Published 10/13/2023 Created 10/13/2023 Added 10/13/2023 Modified 01/30/2025 Description A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions. Solution(s) samba-upgrade-4_17_12 samba-upgrade-4_18_8 samba-upgrade-4_19_1 References https://attackerkb.com/topics/cve-2023-4091 CVE - 2023-4091 http://www.samba.org/samba/security/CVE-2023-4091.html

Gentoo Linux: CVE-2023-36559: Microsoft Edge: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:H/Au:N/C:P/I:P/A:N) Published 10/13/2023 Created 02/06/2024 Added 02/05/2024 Modified 01/28/2025 Description Microsoft Edge (Chromium-based) Spoofing Vulnerability Solution(s) gentoo-linux-upgrade-www-client-microsoft-edge References https://attackerkb.com/topics/cve-2023-36559 CVE - 2023-36559 202402-05

CentOS Linux: CVE-2023-5557: Important: tracker-miners security update (Multiple Advisories) Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 10/13/2023 Created 12/13/2023 Added 12/12/2023 Modified 01/28/2025 Description A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability. Solution(s) centos-upgrade-tracker-miners centos-upgrade-tracker-miners-debuginfo centos-upgrade-tracker-miners-debugsource References CVE-2023-5557

Ubuntu: USN-6504-1 (CVE-2023-5557): tracker-miners vulnerability Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 10/13/2023 Created 11/24/2023 Added 11/23/2023 Modified 01/28/2025 Description A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability. Solution(s) ubuntu-upgrade-tracker-extract References https://attackerkb.com/topics/cve-2023-5557 CVE - 2023-5557 USN-6504-1

SUSE: CVE-2023-5557: SUSE Linux Security Advisory Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 10/13/2023 Created 12/20/2023 Added 12/19/2023 Modified 01/28/2025 Description A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability. Solution(s) suse-upgrade-tracker-miner-files suse-upgrade-tracker-miners suse-upgrade-tracker-miners-lang References https://attackerkb.com/topics/cve-2023-5557 CVE - 2023-5557

SUSE: CVE-2023-45142: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/12/2023 Created 07/23/2024 Added 07/23/2024 Modified 01/28/2025 Description OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP header User-Agent or HTTP method for requests can be easily set by an attacker to be random and long. The library internally uses `httpconv.ServerRequest` that records every value for HTTP `method` and `User-Agent`. In order to be affected, a program has to use the `otelhttp.NewHandler` wrapper and not filter any unknown HTTP methods or User agents on the level of CDN, LB, previous middleware, etc. Version 0.44.0 fixed this issue when the values collected for attribute `http.request.method` were changed to be restricted to a set of well-known values and other high cardinality attributes were removed. As a workaround to stop being affected, `otelhttp.WithFilter()` can be used, but it requires manual careful configuration to not log certain requests entirely. For convenience and safe usage of this library, it should by default mark with the label `unknown` non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it. Solution(s) suse-upgrade-caddy suse-upgrade-caddy-bash-completion suse-upgrade-caddy-fish-completion suse-upgrade-caddy-zsh-completion References https://attackerkb.com/topics/cve-2023-45142 CVE - 2023-45142

Huawei EulerOS: CVE-2023-43789: libXpm security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/12/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Solution(s) huawei-euleros-2_0_sp11-upgrade-libxpm References https://attackerkb.com/topics/cve-2023-43789 CVE - 2023-43789 EulerOS-SA-2023-3279

Oracle Database: Critical Patch Update - April 2024 (CVE-2023-5072) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/12/2023 Created 04/29/2024 Added 04/25/2024 Modified 01/28/2025 Description Denial of Servicein JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. Solution(s) oracle-apply-apr-2024-cpu References https://attackerkb.com/topics/cve-2023-5072 CVE - 2023-5072 http://www.oracle.com/security-alerts/cpuapr2024.html https://support.oracle.com/rs?type=doc&id=3000005.1

Alma Linux: CVE-2023-43789: Moderate: libXpm security update (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/12/2023 Created 05/08/2024 Added 05/08/2024 Modified 01/28/2025 Description A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Solution(s) alma-upgrade-libxpm alma-upgrade-libxpm-devel alma-upgrade-motif alma-upgrade-motif-devel alma-upgrade-motif-static References https://attackerkb.com/topics/cve-2023-43789 CVE - 2023-43789 https://errata.almalinux.org/8/ALSA-2024-2974.html https://errata.almalinux.org/8/ALSA-2024-3022.html https://errata.almalinux.org/9/ALSA-2024-2146.html https://errata.almalinux.org/9/ALSA-2024-2217.html

Rocky Linux: CVE-2023-43789: libXpm (RLSA-2024-2974) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/12/2023 Created 06/17/2024 Added 06/17/2024 Modified 01/28/2025 Description A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Solution(s) rocky-upgrade-libxpm rocky-upgrade-libxpm-debuginfo rocky-upgrade-libxpm-debugsource rocky-upgrade-libxpm-devel rocky-upgrade-libxpm-devel-debuginfo References https://attackerkb.com/topics/cve-2023-43789 CVE - 2023-43789 https://errata.rockylinux.org/RLSA-2024:2974

Debian: CVE-2023-32722: zabbix -- security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/12/2023 Created 10/08/2024 Added 10/07/2024 Modified 01/28/2025 Description The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. Solution(s) debian-upgrade-zabbix References https://attackerkb.com/topics/cve-2023-32722 CVE - 2023-32722 DLA-3909-1

Amazon Linux AMI 2: CVE-2023-38545: Security patch for curl (ALAS-2023-2287) Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 10/12/2023 Created 10/12/2023 Added 10/12/2023 Modified 01/30/2025 Description This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with. Solution(s) amazon-linux-ami-2-upgrade-curl amazon-linux-ami-2-upgrade-curl-debuginfo amazon-linux-ami-2-upgrade-libcurl amazon-linux-ami-2-upgrade-libcurl-devel References https://attackerkb.com/topics/cve-2023-38545 AL2/ALAS-2023-2287 CVE - 2023-38545

Amazon Linux AMI: CVE-2023-43789: Security patch for libXpm (ALAS-2023-1875) Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/12/2023 Created 11/07/2023 Added 11/04/2023 Modified 01/28/2025 Description A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Solution(s) amazon-linux-upgrade-libxpm References ALAS-2023-1875 CVE-2023-43789

Huawei EulerOS: CVE-2023-43789: libXpm security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/12/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Solution(s) huawei-euleros-2_0_sp9-upgrade-libxpm References https://attackerkb.com/topics/cve-2023-43789 CVE - 2023-43789 EulerOS-SA-2023-3344

Huawei EulerOS: CVE-2023-43789: libXpm security update Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 10/12/2023 Created 02/13/2024 Added 02/12/2024 Modified 01/28/2025 Description A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Solution(s) huawei-euleros-2_0_sp5-upgrade-libxpm huawei-euleros-2_0_sp5-upgrade-libxpm-devel References https://attackerkb.com/topics/cve-2023-43789 CVE - 2023-43789 EulerOS-SA-2024-1151

Red Hat: CVE-2023-43040: Moderate: Red Hat Ceph Storage 6.1 security, enhancement, and bug fix update (RHSA-2023:5693) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/12/2023 Created 11/01/2023 Added 11/01/2023 Modified 11/02/2023 Description A flaw was found in rgw. This flaw allows an unprivileged user to write to any bucket(s) accessible by a given key if a POST's form-data contains a key called 'bucket' with a value matching the bucket's name used to sign the request. This issue results in a user being able to upload to any bucket accessible by the specified access key as long as the bucket in the POST policy matches the bucket in the said POST form part. Solution(s) redhat-upgrade-ceph-base redhat-upgrade-ceph-base-debuginfo redhat-upgrade-ceph-common redhat-upgrade-ceph-common-debuginfo redhat-upgrade-ceph-debuginfo redhat-upgrade-ceph-debugsource redhat-upgrade-ceph-exporter-debuginfo redhat-upgrade-ceph-fuse redhat-upgrade-ceph-fuse-debuginfo redhat-upgrade-ceph-immutable-object-cache redhat-upgrade-ceph-immutable-object-cache-debuginfo redhat-upgrade-ceph-mds-debuginfo redhat-upgrade-ceph-mgr-debuginfo redhat-upgrade-ceph-mib redhat-upgrade-ceph-mon-debuginfo redhat-upgrade-ceph-osd-debuginfo redhat-upgrade-ceph-radosgw-debuginfo redhat-upgrade-ceph-resource-agents redhat-upgrade-ceph-selinux redhat-upgrade-ceph-test-debuginfo redhat-upgrade-cephadm redhat-upgrade-cephadm-ansible redhat-upgrade-cephfs-mirror-debuginfo redhat-upgrade-cephfs-top redhat-upgrade-libcephfs-devel redhat-upgrade-libcephfs2 redhat-upgrade-libcephfs2-debuginfo redhat-upgrade-libcephsqlite-debuginfo redhat-upgrade-librados-devel redhat-upgrade-librados-devel-debuginfo redhat-upgrade-libradospp-devel redhat-upgrade-libradosstriper1 redhat-upgrade-libradosstriper1-debuginfo redhat-upgrade-librbd-devel redhat-upgrade-librgw-devel redhat-upgrade-librgw2 redhat-upgrade-librgw2-debuginfo redhat-upgrade-python3-ceph-argparse redhat-upgrade-python3-ceph-common redhat-upgrade-python3-cephfs redhat-upgrade-python3-cephfs-debuginfo redhat-upgrade-python3-rados redhat-upgrade-python3-rados-debuginfo redhat-upgrade-python3-rbd redhat-upgrade-python3-rbd-debuginfo redhat-upgrade-python3-rgw redhat-upgrade-python3-rgw-debuginfo redhat-upgrade-rbd-fuse-debuginfo redhat-upgrade-rbd-mirror-debuginfo redhat-upgrade-rbd-nbd redhat-upgrade-rbd-nbd-debuginfo References CVE-2023-43040 RHSA-2023:5693

Red Hat: CVE-2023-43789: libXpm: out of bounds read on XPM with corrupted colormap (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 10/12/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system. Solution(s) redhat-upgrade-libxpm redhat-upgrade-libxpm-debuginfo redhat-upgrade-libxpm-debugsource redhat-upgrade-libxpm-devel redhat-upgrade-libxpm-devel-debuginfo redhat-upgrade-motif redhat-upgrade-motif-debuginfo redhat-upgrade-motif-debugsource redhat-upgrade-motif-devel redhat-upgrade-motif-devel-debuginfo redhat-upgrade-motif-static References CVE-2023-43789 RHSA-2024:2146 RHSA-2024:2217 RHSA-2024:2974 RHSA-2024:3022

Red Hat: CVE-2023-45143: cookie leakage (Multiple Advisories) Severity 4 CVSS (AV:N/AC:M/Au:S/C:P/I:N/A:N) Published 10/12/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/30/2025 Description Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authorization headers on cross-origin redirects, but did not clear `Cookie` headers. By design, `cookie` headers are forbidden request headers, disallowing them to be set in RequestInit.headers in browser environments. Since undici handles headers more liberally than the spec, there was a disconnect from the assumptions the spec made, and undici's implementation of fetch. As such this may lead to accidental leakage of cookie to a third-party site or a malicious attacker who can control the redirection target (ie. an open redirector) to leak the cookie to the third party site. This was patched in version 5.26.2. There are no known workarounds. Solution(s) redhat-upgrade-nodejs redhat-upgrade-nodejs-debuginfo redhat-upgrade-nodejs-debugsource redhat-upgrade-nodejs-devel redhat-upgrade-nodejs-docs redhat-upgrade-nodejs-full-i18n redhat-upgrade-nodejs-nodemon redhat-upgrade-nodejs-packaging redhat-upgrade-nodejs-packaging-bundler redhat-upgrade-npm References CVE-2023-45143 RHSA-2023:5849 RHSA-2023:5869 RHSA-2023:7205

Red Hat: CVE-2023-46159: Moderate: Red Hat Ceph Storage 6.1 security, enhancement, and bug fix update (RHSA-2023:5693) Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 10/12/2023 Created 11/01/2023 Added 11/01/2023 Modified 01/28/2025 Description Red Hat: CVE-2023-46159: Moderate: Red Hat Ceph Storage 6.1 security, enhancement, and bug fix update (RHSA-2023:5693) Solution(s) redhat-upgrade-ceph-base redhat-upgrade-ceph-base-debuginfo redhat-upgrade-ceph-common redhat-upgrade-ceph-common-debuginfo redhat-upgrade-ceph-debuginfo redhat-upgrade-ceph-debugsource redhat-upgrade-ceph-exporter-debuginfo redhat-upgrade-ceph-fuse redhat-upgrade-ceph-fuse-debuginfo redhat-upgrade-ceph-immutable-object-cache redhat-upgrade-ceph-immutable-object-cache-debuginfo redhat-upgrade-ceph-mds-debuginfo redhat-upgrade-ceph-mgr-debuginfo redhat-upgrade-ceph-mib redhat-upgrade-ceph-mon-debuginfo redhat-upgrade-ceph-osd-debuginfo redhat-upgrade-ceph-radosgw-debuginfo redhat-upgrade-ceph-resource-agents redhat-upgrade-ceph-selinux redhat-upgrade-ceph-test-debuginfo redhat-upgrade-cephadm redhat-upgrade-cephadm-ansible redhat-upgrade-cephfs-mirror-debuginfo redhat-upgrade-cephfs-top redhat-upgrade-libcephfs-devel redhat-upgrade-libcephfs2 redhat-upgrade-libcephfs2-debuginfo redhat-upgrade-libcephsqlite-debuginfo redhat-upgrade-librados-devel redhat-upgrade-librados-devel-debuginfo redhat-upgrade-libradospp-devel redhat-upgrade-libradosstriper1 redhat-upgrade-libradosstriper1-debuginfo redhat-upgrade-librbd-devel redhat-upgrade-librgw-devel redhat-upgrade-librgw2 redhat-upgrade-librgw2-debuginfo redhat-upgrade-python3-ceph-argparse redhat-upgrade-python3-ceph-common redhat-upgrade-python3-cephfs redhat-upgrade-python3-cephfs-debuginfo redhat-upgrade-python3-rados redhat-upgrade-python3-rados-debuginfo redhat-upgrade-python3-rbd redhat-upgrade-python3-rbd-debuginfo redhat-upgrade-python3-rgw redhat-upgrade-python3-rgw-debuginfo redhat-upgrade-rbd-fuse-debuginfo redhat-upgrade-rbd-mirror-debuginfo redhat-upgrade-rbd-nbd redhat-upgrade-rbd-nbd-debuginfo References CVE-2023-46159 RHSA-2023:5693

Red Hat: CVE-2023-5388: nss: timing attack against RSA decryption (Multiple Advisories) Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 10/12/2023 Created 01/11/2024 Added 01/10/2024 Modified 09/13/2024 Description NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. Solution(s) redhat-upgrade-firefox redhat-upgrade-firefox-debuginfo redhat-upgrade-firefox-debugsource redhat-upgrade-firefox-x11 redhat-upgrade-nspr redhat-upgrade-nspr-debuginfo redhat-upgrade-nspr-devel redhat-upgrade-nss redhat-upgrade-nss-debuginfo redhat-upgrade-nss-debugsource redhat-upgrade-nss-devel redhat-upgrade-nss-softokn redhat-upgrade-nss-softokn-debuginfo redhat-upgrade-nss-softokn-devel redhat-upgrade-nss-softokn-freebl redhat-upgrade-nss-softokn-freebl-debuginfo redhat-upgrade-nss-softokn-freebl-devel redhat-upgrade-nss-sysinit redhat-upgrade-nss-sysinit-debuginfo redhat-upgrade-nss-tools redhat-upgrade-nss-tools-debuginfo redhat-upgrade-nss-util redhat-upgrade-nss-util-debuginfo redhat-upgrade-nss-util-devel redhat-upgrade-thunderbird redhat-upgrade-thunderbird-debuginfo redhat-upgrade-thunderbird-debugsource References CVE-2023-5388 RHSA-2024:0093 RHSA-2024:0105 RHSA-2024:0106 RHSA-2024:0107 RHSA-2024:0108 RHSA-2024:1483 RHSA-2024:1484 RHSA-2024:1485 RHSA-2024:1486 RHSA-2024:1487 RHSA-2024:1488 RHSA-2024:1489 RHSA-2024:1492 RHSA-2024:1493 RHSA-2024:1494 RHSA-2024:1495 RHSA-2024:1496 RHSA-2024:1497 RHSA-2024:1498 View more