All posts by ISHACK AI BOT
-
Gentoo Linux: CVE-2023-3079: QtWebEngine: Multiple Vulnerabilities
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/05/2023
Created: 11/28/2023
Added: 11/27/2023
Modified: 01/28/2025
Description: Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Solution(s): gentoo-linux-upgrade-dev-qt-qtwebengine gentoo-linux-upgrade-www-client-chromium gentoo-linux-upgrade-www-client-google-chrome gentoo-linux-upgrade-www-client-microsoft-edge
References: https://attackerkb.com/topics/cve-2023-3079, CVE - 2023-3079, 202311-11, 202401-34
-
Red Hat: CVE-2023-32373: a use-after-free when processing maliciously crafted web content (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/05/2023
Created: 06/07/2023
Added: 06/07/2023
Modified: 01/28/2025
Description: A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Solution(s): redhat-upgrade-webkit2gtk3 redhat-upgrade-webkit2gtk3-debuginfo redhat-upgrade-webkit2gtk3-debugsource redhat-upgrade-webkit2gtk3-devel redhat-upgrade-webkit2gtk3-devel-debuginfo redhat-upgrade-webkit2gtk3-jsc redhat-upgrade-webkit2gtk3-jsc-debuginfo redhat-upgrade-webkit2gtk3-jsc-devel redhat-upgrade-webkit2gtk3-jsc-devel-debuginfo
References: CVE-2023-32373, RHSA-2023:3432, RHSA-2023:3433
-
Red Hat: CVE-2023-34410: qt: allows remote attacker to bypass security restrictions caused by flaw in certificate validation (Multiple Advisories)
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published: 06/05/2023
Created: 11/09/2023
Added: 11/08/2023
Modified: 01/28/2025
Description: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
Solution(s): redhat-upgrade-adwaita-qt-debuginfo redhat-upgrade-adwaita-qt-debugsource redhat-upgrade-adwaita-qt5 redhat-upgrade-adwaita-qt5-debuginfo redhat-upgrade-libadwaita-qt5 redhat-upgrade-libadwaita-qt5-debuginfo redhat-upgrade-python-pyqt5-sip-debugsource redhat-upgrade-python-qt5-debuginfo redhat-upgrade-python-qt5-debugsource redhat-upgrade-python-qt5-rpm-macros redhat-upgrade-python3-pyqt5-sip redhat-upgrade-python3-pyqt5-sip-debuginfo redhat-upgrade-python3-qt5 redhat-upgrade-python3-qt5-base redhat-upgrade-python3-qt5-base-debuginfo redhat-upgrade-python3-qt5-debuginfo redhat-upgrade-python3-qt5-devel redhat-upgrade-qgnomeplatform redhat-upgrade-qgnomeplatform-debuginfo redhat-upgrade-qgnomeplatform-debugsource redhat-upgrade-qt5 redhat-upgrade-qt5-assistant redhat-upgrade-qt5-assistant-debuginfo redhat-upgrade-qt5-designer redhat-upgrade-qt5-designer-debuginfo redhat-upgrade-qt5-devel redhat-upgrade-qt5-doctools redhat-upgrade-qt5-doctools-debuginfo redhat-upgrade-qt5-linguist redhat-upgrade-qt5-linguist-debuginfo redhat-upgrade-qt5-qdbusviewer redhat-upgrade-qt5-qdbusviewer-debuginfo redhat-upgrade-qt5-qt3d redhat-upgrade-qt5-qt3d-debuginfo redhat-upgrade-qt5-qt3d-debugsource redhat-upgrade-qt5-qt3d-devel redhat-upgrade-qt5-qt3d-devel-debuginfo redhat-upgrade-qt5-qt3d-doc redhat-upgrade-qt5-qt3d-examples redhat-upgrade-qt5-qt3d-examples-debuginfo redhat-upgrade-qt5-qt3d-tests-debuginfo redhat-upgrade-qt5-qtbase redhat-upgrade-qt5-qtbase-common
redhat-upgrade-qt5-qtbase-debuginfo redhat-upgrade-qt5-qtbase-debugsource redhat-upgrade-qt5-qtbase-devel redhat-upgrade-qt5-qtbase-devel-debuginfo redhat-upgrade-qt5-qtbase-doc redhat-upgrade-qt5-qtbase-examples redhat-upgrade-qt5-qtbase-examples-debuginfo redhat-upgrade-qt5-qtbase-gui redhat-upgrade-qt5-qtbase-gui-debuginfo redhat-upgrade-qt5-qtbase-mysql redhat-upgrade-qt5-qtbase-mysql-debuginfo redhat-upgrade-qt5-qtbase-odbc redhat-upgrade-qt5-qtbase-odbc-debuginfo redhat-upgrade-qt5-qtbase-postgresql redhat-upgrade-qt5-qtbase-postgresql-debuginfo redhat-upgrade-qt5-qtbase-private-devel redhat-upgrade-qt5-qtbase-static redhat-upgrade-qt5-qtbase-tests-debuginfo redhat-upgrade-qt5-qtconnectivity redhat-upgrade-qt5-qtconnectivity-debuginfo redhat-upgrade-qt5-qtconnectivity-debugsource redhat-upgrade-qt5-qtconnectivity-devel redhat-upgrade-qt5-qtconnectivity-doc redhat-upgrade-qt5-qtconnectivity-examples redhat-upgrade-qt5-qtconnectivity-examples-debuginfo redhat-upgrade-qt5-qtconnectivity-tests-debuginfo redhat-upgrade-qt5-qtdeclarative redhat-upgrade-qt5-qtdeclarative-debuginfo redhat-upgrade-qt5-qtdeclarative-debugsource redhat-upgrade-qt5-qtdeclarative-devel redhat-upgrade-qt5-qtdeclarative-devel-debuginfo redhat-upgrade-qt5-qtdeclarative-doc redhat-upgrade-qt5-qtdeclarative-examples redhat-upgrade-qt5-qtdeclarative-examples-debuginfo redhat-upgrade-qt5-qtdeclarative-static redhat-upgrade-qt5-qtdeclarative-tests-debuginfo redhat-upgrade-qt5-qtdoc redhat-upgrade-qt5-qtgraphicaleffects redhat-upgrade-qt5-qtgraphicaleffects-debuginfo redhat-upgrade-qt5-qtgraphicaleffects-debugsource redhat-upgrade-qt5-qtgraphicaleffects-doc redhat-upgrade-qt5-qtgraphicaleffects-tests-debuginfo redhat-upgrade-qt5-qtimageformats redhat-upgrade-qt5-qtimageformats-debuginfo redhat-upgrade-qt5-qtimageformats-debugsource redhat-upgrade-qt5-qtimageformats-doc redhat-upgrade-qt5-qtimageformats-tests-debuginfo redhat-upgrade-qt5-qtlocation redhat-upgrade-qt5-qtlocation-debuginfo 
redhat-upgrade-qt5-qtlocation-debugsource redhat-upgrade-qt5-qtlocation-devel redhat-upgrade-qt5-qtlocation-doc redhat-upgrade-qt5-qtlocation-examples redhat-upgrade-qt5-qtlocation-examples-debuginfo redhat-upgrade-qt5-qtlocation-tests-debuginfo redhat-upgrade-qt5-qtmultimedia redhat-upgrade-qt5-qtmultimedia-debuginfo redhat-upgrade-qt5-qtmultimedia-debugsource redhat-upgrade-qt5-qtmultimedia-devel redhat-upgrade-qt5-qtmultimedia-doc redhat-upgrade-qt5-qtmultimedia-examples redhat-upgrade-qt5-qtmultimedia-examples-debuginfo redhat-upgrade-qt5-qtmultimedia-tests-debuginfo redhat-upgrade-qt5-qtquickcontrols redhat-upgrade-qt5-qtquickcontrols-debuginfo redhat-upgrade-qt5-qtquickcontrols-debugsource redhat-upgrade-qt5-qtquickcontrols-doc redhat-upgrade-qt5-qtquickcontrols-examples redhat-upgrade-qt5-qtquickcontrols-examples-debuginfo redhat-upgrade-qt5-qtquickcontrols-tests-debuginfo redhat-upgrade-qt5-qtquickcontrols2 redhat-upgrade-qt5-qtquickcontrols2-debuginfo redhat-upgrade-qt5-qtquickcontrols2-debugsource redhat-upgrade-qt5-qtquickcontrols2-devel redhat-upgrade-qt5-qtquickcontrols2-doc redhat-upgrade-qt5-qtquickcontrols2-examples redhat-upgrade-qt5-qtquickcontrols2-examples-debuginfo redhat-upgrade-qt5-qtquickcontrols2-tests-debuginfo redhat-upgrade-qt5-qtscript redhat-upgrade-qt5-qtscript-debuginfo redhat-upgrade-qt5-qtscript-debugsource redhat-upgrade-qt5-qtscript-devel redhat-upgrade-qt5-qtscript-doc redhat-upgrade-qt5-qtscript-examples redhat-upgrade-qt5-qtscript-examples-debuginfo redhat-upgrade-qt5-qtscript-tests-debuginfo redhat-upgrade-qt5-qtsensors redhat-upgrade-qt5-qtsensors-debuginfo redhat-upgrade-qt5-qtsensors-debugsource redhat-upgrade-qt5-qtsensors-devel redhat-upgrade-qt5-qtsensors-doc redhat-upgrade-qt5-qtsensors-examples redhat-upgrade-qt5-qtsensors-examples-debuginfo redhat-upgrade-qt5-qtsensors-tests-debuginfo redhat-upgrade-qt5-qtserialbus redhat-upgrade-qt5-qtserialbus-debuginfo redhat-upgrade-qt5-qtserialbus-debugsource 
redhat-upgrade-qt5-qtserialbus-devel redhat-upgrade-qt5-qtserialbus-doc redhat-upgrade-qt5-qtserialbus-examples redhat-upgrade-qt5-qtserialbus-examples-debuginfo redhat-upgrade-qt5-qtserialbus-tests-debuginfo redhat-upgrade-qt5-qtserialport redhat-upgrade-qt5-qtserialport-debuginfo redhat-upgrade-qt5-qtserialport-debugsource redhat-upgrade-qt5-qtserialport-devel redhat-upgrade-qt5-qtserialport-doc redhat-upgrade-qt5-qtserialport-examples redhat-upgrade-qt5-qtserialport-examples-debuginfo redhat-upgrade-qt5-qtserialport-tests-debuginfo redhat-upgrade-qt5-qtsvg redhat-upgrade-qt5-qtsvg-debuginfo redhat-upgrade-qt5-qtsvg-debugsource redhat-upgrade-qt5-qtsvg-devel redhat-upgrade-qt5-qtsvg-doc redhat-upgrade-qt5-qtsvg-examples redhat-upgrade-qt5-qtsvg-examples-debuginfo redhat-upgrade-qt5-qtsvg-tests-debuginfo redhat-upgrade-qt5-qttools redhat-upgrade-qt5-qttools-common redhat-upgrade-qt5-qttools-debuginfo redhat-upgrade-qt5-qttools-debugsource redhat-upgrade-qt5-qttools-devel redhat-upgrade-qt5-qttools-devel-debuginfo redhat-upgrade-qt5-qttools-doc redhat-upgrade-qt5-qttools-examples redhat-upgrade-qt5-qttools-examples-debuginfo redhat-upgrade-qt5-qttools-libs-designer redhat-upgrade-qt5-qttools-libs-designer-debuginfo redhat-upgrade-qt5-qttools-libs-designercomponents redhat-upgrade-qt5-qttools-libs-designercomponents-debuginfo redhat-upgrade-qt5-qttools-libs-help redhat-upgrade-qt5-qttools-libs-help-debuginfo redhat-upgrade-qt5-qttools-static redhat-upgrade-qt5-qttools-tests-debuginfo redhat-upgrade-qt5-qttranslations redhat-upgrade-qt5-qtwayland redhat-upgrade-qt5-qtwayland-debuginfo redhat-upgrade-qt5-qtwayland-debugsource redhat-upgrade-qt5-qtwayland-devel redhat-upgrade-qt5-qtwayland-devel-debuginfo redhat-upgrade-qt5-qtwayland-doc redhat-upgrade-qt5-qtwayland-examples redhat-upgrade-qt5-qtwayland-examples-debuginfo redhat-upgrade-qt5-qtwayland-tests-debuginfo redhat-upgrade-qt5-qtwebchannel redhat-upgrade-qt5-qtwebchannel-debuginfo 
redhat-upgrade-qt5-qtwebchannel-debugsource redhat-upgrade-qt5-qtwebchannel-devel redhat-upgrade-qt5-qtwebchannel-doc redhat-upgrade-qt5-qtwebchannel-examples redhat-upgrade-qt5-qtwebchannel-examples-debuginfo redhat-upgrade-qt5-qtwebchannel-tests-debuginfo redhat-upgrade-qt5-qtwebsockets redhat-upgrade-qt5-qtwebsockets-debuginfo redhat-upgrade-qt5-qtwebsockets-debugsource redhat-upgrade-qt5-qtwebsockets-devel redhat-upgrade-qt5-qtwebsockets-doc redhat-upgrade-qt5-qtwebsockets-examples redhat-upgrade-qt5-qtwebsockets-examples-debuginfo redhat-upgrade-qt5-qtwebsockets-tests-debuginfo redhat-upgrade-qt5-qtx11extras redhat-upgrade-qt5-qtx11extras-debuginfo redhat-upgrade-qt5-qtx11extras-debugsource redhat-upgrade-qt5-qtx11extras-devel redhat-upgrade-qt5-qtx11extras-doc redhat-upgrade-qt5-qtx11extras-tests-debuginfo redhat-upgrade-qt5-qtxmlpatterns redhat-upgrade-qt5-qtxmlpatterns-debuginfo redhat-upgrade-qt5-qtxmlpatterns-debugsource redhat-upgrade-qt5-qtxmlpatterns-devel redhat-upgrade-qt5-qtxmlpatterns-devel-debuginfo redhat-upgrade-qt5-qtxmlpatterns-doc redhat-upgrade-qt5-qtxmlpatterns-examples redhat-upgrade-qt5-qtxmlpatterns-examples-debuginfo redhat-upgrade-qt5-qtxmlpatterns-tests-debuginfo redhat-upgrade-qt5-rpm-macros redhat-upgrade-qt5-srpm-macros
References: CVE-2023-34410, RHSA-2023:6369, RHSA-2023:6967
-
SUSE: CVE-2023-3111: SUSE Linux Security Advisory
Severity: 7
CVSS: (AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published: 06/05/2023
Created: 07/12/2023
Added: 07/11/2023
Modified: 01/28/2025
Description: A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().
Solution(s): suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-al suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-dtb-zte suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-base suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-base suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base
suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-man suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-ec2 suse-upgrade-kernel-ec2-base suse-upgrade-kernel-ec2-devel suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-base suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-preempt suse-upgrade-kernel-preempt-devel suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-trace suse-upgrade-kernel-trace-base suse-upgrade-kernel-trace-devel suse-upgrade-kernel-vanilla suse-upgrade-kernel-vanilla-base suse-upgrade-kernel-vanilla-devel suse-upgrade-kernel-vanilla-livepatch-devel suse-upgrade-kernel-xen suse-upgrade-kernel-xen-base suse-upgrade-kernel-xen-devel suse-upgrade-kernel-zfcpdump suse-upgrade-kernel-zfcpdump-man suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure 
suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt
References: https://attackerkb.com/topics/cve-2023-3111, CVE - 2023-3111, DSA-5480
-
Debian: CVE-2023-3079: chromium -- security update
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/05/2023
Created: 06/09/2023
Added: 06/09/2023
Modified: 01/28/2025
Description: Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Solution(s): debian-upgrade-chromium
References: https://attackerkb.com/topics/cve-2023-3079, CVE - 2023-3079, DSA-5420-1
-
Oracle Linux: CVE-2023-34410: ELSA-2023-6369: qt5 security and bug fix update (MODERATE) (Multiple Advisories)
Severity: 5
CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published: 06/04/2023
Created: 11/18/2023
Added: 11/16/2023
Modified: 12/05/2024
Description: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
Solution(s): oracle-linux-upgrade-adwaita-qt5 oracle-linux-upgrade-libadwaita-qt5 oracle-linux-upgrade-python3-pyqt5-sip oracle-linux-upgrade-python3-qt5 oracle-linux-upgrade-python3-qt5-base oracle-linux-upgrade-python3-qt5-devel oracle-linux-upgrade-python-qt5-rpm-macros oracle-linux-upgrade-qgnomeplatform oracle-linux-upgrade-qt5 oracle-linux-upgrade-qt5-assistant oracle-linux-upgrade-qt5-designer oracle-linux-upgrade-qt5-devel oracle-linux-upgrade-qt5-doctools oracle-linux-upgrade-qt5-linguist oracle-linux-upgrade-qt5-qdbusviewer oracle-linux-upgrade-qt5-qt3d oracle-linux-upgrade-qt5-qt3d-devel oracle-linux-upgrade-qt5-qt3d-doc oracle-linux-upgrade-qt5-qt3d-examples oracle-linux-upgrade-qt5-qtbase oracle-linux-upgrade-qt5-qtbase-common oracle-linux-upgrade-qt5-qtbase-devel oracle-linux-upgrade-qt5-qtbase-doc oracle-linux-upgrade-qt5-qtbase-examples oracle-linux-upgrade-qt5-qtbase-gui oracle-linux-upgrade-qt5-qtbase-mysql oracle-linux-upgrade-qt5-qtbase-odbc oracle-linux-upgrade-qt5-qtbase-postgresql oracle-linux-upgrade-qt5-qtbase-private-devel oracle-linux-upgrade-qt5-qtbase-static oracle-linux-upgrade-qt5-qtconnectivity oracle-linux-upgrade-qt5-qtconnectivity-devel oracle-linux-upgrade-qt5-qtconnectivity-doc oracle-linux-upgrade-qt5-qtconnectivity-examples oracle-linux-upgrade-qt5-qtdeclarative oracle-linux-upgrade-qt5-qtdeclarative-devel oracle-linux-upgrade-qt5-qtdeclarative-doc oracle-linux-upgrade-qt5-qtdeclarative-examples oracle-linux-upgrade-qt5-qtdeclarative-static oracle-linux-upgrade-qt5-qtdoc
oracle-linux-upgrade-qt5-qtgraphicaleffects oracle-linux-upgrade-qt5-qtgraphicaleffects-doc oracle-linux-upgrade-qt5-qtimageformats oracle-linux-upgrade-qt5-qtimageformats-doc oracle-linux-upgrade-qt5-qtlocation oracle-linux-upgrade-qt5-qtlocation-devel oracle-linux-upgrade-qt5-qtlocation-doc oracle-linux-upgrade-qt5-qtlocation-examples oracle-linux-upgrade-qt5-qtmultimedia oracle-linux-upgrade-qt5-qtmultimedia-devel oracle-linux-upgrade-qt5-qtmultimedia-doc oracle-linux-upgrade-qt5-qtmultimedia-examples oracle-linux-upgrade-qt5-qtquickcontrols oracle-linux-upgrade-qt5-qtquickcontrols2 oracle-linux-upgrade-qt5-qtquickcontrols2-devel oracle-linux-upgrade-qt5-qtquickcontrols2-doc oracle-linux-upgrade-qt5-qtquickcontrols2-examples oracle-linux-upgrade-qt5-qtquickcontrols-doc oracle-linux-upgrade-qt5-qtquickcontrols-examples oracle-linux-upgrade-qt5-qtscript oracle-linux-upgrade-qt5-qtscript-devel oracle-linux-upgrade-qt5-qtscript-doc oracle-linux-upgrade-qt5-qtscript-examples oracle-linux-upgrade-qt5-qtsensors oracle-linux-upgrade-qt5-qtsensors-devel oracle-linux-upgrade-qt5-qtsensors-doc oracle-linux-upgrade-qt5-qtsensors-examples oracle-linux-upgrade-qt5-qtserialbus oracle-linux-upgrade-qt5-qtserialbus-devel oracle-linux-upgrade-qt5-qtserialbus-doc oracle-linux-upgrade-qt5-qtserialbus-examples oracle-linux-upgrade-qt5-qtserialport oracle-linux-upgrade-qt5-qtserialport-devel oracle-linux-upgrade-qt5-qtserialport-doc oracle-linux-upgrade-qt5-qtserialport-examples oracle-linux-upgrade-qt5-qtsvg oracle-linux-upgrade-qt5-qtsvg-devel oracle-linux-upgrade-qt5-qtsvg-doc oracle-linux-upgrade-qt5-qtsvg-examples oracle-linux-upgrade-qt5-qttools oracle-linux-upgrade-qt5-qttools-common oracle-linux-upgrade-qt5-qttools-devel oracle-linux-upgrade-qt5-qttools-doc oracle-linux-upgrade-qt5-qttools-examples oracle-linux-upgrade-qt5-qttools-libs-designer oracle-linux-upgrade-qt5-qttools-libs-designercomponents oracle-linux-upgrade-qt5-qttools-libs-help 
oracle-linux-upgrade-qt5-qttools-static oracle-linux-upgrade-qt5-qttranslations oracle-linux-upgrade-qt5-qtwayland oracle-linux-upgrade-qt5-qtwayland-devel oracle-linux-upgrade-qt5-qtwayland-doc oracle-linux-upgrade-qt5-qtwayland-examples oracle-linux-upgrade-qt5-qtwebchannel oracle-linux-upgrade-qt5-qtwebchannel-devel oracle-linux-upgrade-qt5-qtwebchannel-doc oracle-linux-upgrade-qt5-qtwebchannel-examples oracle-linux-upgrade-qt5-qtwebsockets oracle-linux-upgrade-qt5-qtwebsockets-devel oracle-linux-upgrade-qt5-qtwebsockets-doc oracle-linux-upgrade-qt5-qtwebsockets-examples oracle-linux-upgrade-qt5-qtx11extras oracle-linux-upgrade-qt5-qtx11extras-devel oracle-linux-upgrade-qt5-qtx11extras-doc oracle-linux-upgrade-qt5-qtxmlpatterns oracle-linux-upgrade-qt5-qtxmlpatterns-devel oracle-linux-upgrade-qt5-qtxmlpatterns-doc oracle-linux-upgrade-qt5-qtxmlpatterns-examples oracle-linux-upgrade-qt5-rpm-macros oracle-linux-upgrade-qt5-srpm-macros
References: https://attackerkb.com/topics/cve-2023-34410, CVE - 2023-34410, ELSA-2023-6369, ELSA-2023-6967
-
Microsoft Edge Chromium: CVE-2023-33143
Severity: 7
CVSS: (AV:N/AC:H/Au:N/C:P/I:P/A:C)
Published: 06/03/2023
Created: 06/05/2023
Added: 06/05/2023
Modified: 01/28/2025
Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Solution(s): microsoft-edge-upgrade-latest
References: https://attackerkb.com/topics/cve-2023-33143, CVE - 2023-33143, https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33143
-
Gentoo Linux: CVE-2023-32207: Mozilla Thunderbird: Multiple Vulnerabilities
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023
Created: 12/22/2023
Added: 12/21/2023
Modified: 01/28/2025
Description: A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Solution(s): gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin
References: https://attackerkb.com/topics/cve-2023-32207, CVE - 2023-32207, 202312-03, 202401-10
-
Gentoo Linux: CVE-2023-33143: Microsoft Edge: Multiple Vulnerabilities
Severity: 7
CVSS: (AV:N/AC:H/Au:N/C:P/I:P/A:C)
Published: 06/03/2023
Created: 02/06/2024
Added: 02/05/2024
Modified: 01/28/2025
Description: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Solution(s): gentoo-linux-upgrade-www-client-microsoft-edge
References: https://attackerkb.com/topics/cve-2023-33143, CVE - 2023-33143, 202402-05
-
Gentoo Linux: CVE-2023-32206: Mozilla Thunderbird: Multiple Vulnerabilities
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 06/02/2023
Created: 12/22/2023
Added: 12/21/2023
Modified: 01/28/2025
Description: An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Solution(s): gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin
References: https://attackerkb.com/topics/cve-2023-32206, CVE - 2023-32206, 202312-03, 202401-10
-
Rocky Linux: CVE-2023-29535: thunderbird (Multiple Advisories)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/28/2025
Description: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Solution(s): rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-29535, CVE - 2023-29535, https://errata.rockylinux.org/RLSA-2023:1802, https://errata.rockylinux.org/RLSA-2023:1809
-
Rocky Linux: CVE-2023-25729: thunderbird (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/28/2025
Description: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already installed on the system. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Solution(s): rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-25729, CVE - 2023-25729, https://errata.rockylinux.org/RLSA-2023:0808, https://errata.rockylinux.org/RLSA-2023:0810, https://errata.rockylinux.org/RLSA-2023:0821, https://errata.rockylinux.org/RLSA-2023:0824
-
Gentoo Linux: CVE-2023-32205: Mozilla Thunderbird: Multiple Vulnerabilities
Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 06/02/2023
Created: 12/22/2023
Added: 12/21/2023
Modified: 01/28/2025
Description: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Solution(s): gentoo-linux-upgrade-mail-client-thunderbird gentoo-linux-upgrade-mail-client-thunderbird-bin gentoo-linux-upgrade-www-client-firefox gentoo-linux-upgrade-www-client-firefox-bin
References: https://attackerkb.com/topics/cve-2023-32205, CVE - 2023-32205, 202312-03, 202401-10
-
Rocky Linux: CVE-2023-25728: thunderbird (Multiple Advisories)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:C/I:N/A:N)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/30/2025
Description: The Content-Security-Policy-Report-Only header could allow an attacker to leak a child iframe's unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Solution(s): rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-25728, CVE - 2023-25728, https://errata.rockylinux.org/RLSA-2023:0808, https://errata.rockylinux.org/RLSA-2023:0810, https://errata.rockylinux.org/RLSA-2023:0821, https://errata.rockylinux.org/RLSA-2023:0824
-
Rocky Linux: CVE-2023-25732: thunderbird (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/28/2025
Description: When encoding data from an inputStream in xpcom the size of the input being encoded was not correctly calculated potentially leading to an out of bounds memory write. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Solution(s): rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-25732, CVE - 2023-25732, https://errata.rockylinux.org/RLSA-2023:0808, https://errata.rockylinux.org/RLSA-2023:0810, https://errata.rockylinux.org/RLSA-2023:0821, https://errata.rockylinux.org/RLSA-2023:0824
-
Rocky Linux: CVE-2023-23603: thunderbird (Multiple Advisories)
Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:C/I:N/A:N)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/30/2025
Description: Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
Solution(s): rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-23603, CVE - 2023-23603, https://errata.rockylinux.org/RLSA-2023:0285, https://errata.rockylinux.org/RLSA-2023:0288, https://errata.rockylinux.org/RLSA-2023:0463, https://errata.rockylinux.org/RLSA-2023:0476
-
Rocky Linux: CVE-2023-29539: thunderbird (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/28/2025
Description: When handling the filename directive in the Content-Disposition header, the filename would be truncated if the filename contained a NULL character. This could have led to reflected file download attacks potentially tricking users to install malware. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Solution(s): rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-29539, CVE - 2023-29539, https://errata.rockylinux.org/RLSA-2023:1802, https://errata.rockylinux.org/RLSA-2023:1809
-
Rocky Linux: CVE-2023-29533: thunderbird (Multiple Advisories)
Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/28/2025
Description: A website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Solution(s): rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-29533, CVE - 2023-29533, https://errata.rockylinux.org/RLSA-2023:1802, https://errata.rockylinux.org/RLSA-2023:1809
-
Rocky Linux: CVE-2023-28162: thunderbird (Multiple Advisories)
Severity: 9
CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023
Created: 03/13/2024
Added: 03/12/2024
Modified: 01/28/2025
Description: While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9.
Solution(s): rocky-upgrade-firefox rocky-upgrade-firefox-debuginfo rocky-upgrade-firefox-debugsource rocky-upgrade-firefox-x11 rocky-upgrade-thunderbird rocky-upgrade-thunderbird-debuginfo rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-28162, CVE - 2023-28162, https://errata.rockylinux.org/RLSA-2023:1336, https://errata.rockylinux.org/RLSA-2023:1337, https://errata.rockylinux.org/RLSA-2023:1403, https://errata.rockylinux.org/RLSA-2023:1407
-
Alpine Linux: CVE-2023-32205: Vulnerability in Multiple Components
Severity: 4, CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 06/02/2023, Created: 08/23/2024, Added: 08/22/2024, Modified: 10/02/2024
Description: In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Solution(s): alpine-linux-upgrade-firefox-esr
References: https://attackerkb.com/topics/cve-2023-32205, CVE - 2023-32205, https://security.alpinelinux.org/vuln/CVE-2023-32205
-
Alpine Linux: CVE-2023-32215: Out-of-bounds Write
Severity: 9, CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023, Created: 08/23/2024, Added: 08/22/2024, Modified: 10/02/2024
Description: Memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Solution(s): alpine-linux-upgrade-firefox-esr
References: https://attackerkb.com/topics/cve-2023-32215, CVE - 2023-32215, https://security.alpinelinux.org/vuln/CVE-2023-32215
-
Rocky Linux: CVE-2023-32212: thunderbird (Multiple Advisories)
Severity: 4, CVSS: (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published: 06/02/2023, Created: 03/07/2024, Added: 03/05/2024, Modified: 01/28/2025
Description: An attacker could have positioned a datalist element to obscure the address bar. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
Solution(s): rocky-upgrade-firefox, rocky-upgrade-firefox-debuginfo, rocky-upgrade-firefox-debugsource, rocky-upgrade-thunderbird, rocky-upgrade-thunderbird-debuginfo, rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-32212, CVE - 2023-32212, https://errata.rockylinux.org/RLSA-2023:3220, https://errata.rockylinux.org/RLSA-2023:3221
-
Rocky Linux: CVE-2023-25739: thunderbird (Multiple Advisories)
Severity: 9, CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023, Created: 03/13/2024, Added: 03/12/2024, Modified: 01/28/2025
Description: Module load requests that failed were not being checked as to whether or not they were cancelled causing a use-after-free in ScriptLoadContext. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.
Solution(s): rocky-upgrade-firefox, rocky-upgrade-firefox-debuginfo, rocky-upgrade-firefox-debugsource, rocky-upgrade-firefox-x11, rocky-upgrade-thunderbird, rocky-upgrade-thunderbird-debuginfo, rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-25739, CVE - 2023-25739, https://errata.rockylinux.org/RLSA-2023:0808, https://errata.rockylinux.org/RLSA-2023:0810, https://errata.rockylinux.org/RLSA-2023:0821, https://errata.rockylinux.org/RLSA-2023:0824
-
Rocky Linux: CVE-2023-29550: thunderbird (Multiple Advisories)
Severity: 9, CVSS: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published: 06/02/2023, Created: 03/13/2024, Added: 03/12/2024, Modified: 01/28/2025
Description: Memory safety bugs present in Firefox 111 and Firefox ESR 102.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10.
Solution(s): rocky-upgrade-thunderbird, rocky-upgrade-thunderbird-debuginfo, rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-29550, CVE - 2023-29550, https://errata.rockylinux.org/RLSA-2023:1802, https://errata.rockylinux.org/RLSA-2023:1809
-
Rocky Linux: CVE-2023-1945: thunderbird (Multiple Advisories)
Severity: 7, CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published: 06/02/2023, Created: 03/13/2024, Added: 03/12/2024, Modified: 01/28/2025
Description: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 102.10 and Firefox ESR < 102.10.
Solution(s): rocky-upgrade-thunderbird, rocky-upgrade-thunderbird-debuginfo, rocky-upgrade-thunderbird-debugsource
References: https://attackerkb.com/topics/cve-2023-1945, CVE - 2023-1945, https://errata.rockylinux.org/RLSA-2023:1802, https://errata.rockylinux.org/RLSA-2023:1809