[SECURITY] Fedora 35 Update: libconfuse-3.3-7.fc35

libConfuse is a configuration file parser library, licensed under the terms of the ISC license, and written in C. It supports sections and (lists of) values (strings, integers, floats, booleans or oth ...

Continue Reading

CVSS3 - HIGH

fhir-works-on-aws-authz-smart handles permissions improperly

### Impact This issue allows a client of the API to retrieve more information than the client’s OAuth scope permits when making “search-type” requests. This issue would not allow a client to retrie ...

Continue Reading
Bitbucket Git Command Injection

Various versions of Bitbucket Server and Data Center are vulnerable to an unauthenticated command injection vulnerability in multiple API endpoints. The `/rest/api/latest/projects/{projectKey}/repos/{ ...

Continue Reading
fhir-works-on-aws-authz-smart handles permissions improperly

### Impact This issue allows a client of the API to retrieve more information than the client’s OAuth scope permits when making “search-type” requests. This issue would not allow a client to retrie ...

Continue Reading
CVE-2022-41225

Jenkins Anchore Container Image Scanner Plugin 1.0.24 and earlier does not escape content provided by the Anchore engine API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable ...

Continue Reading
CVE-2022-41232

A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty ...

Continue Reading
CVE-2022-41231

Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted fi ...

Continue Reading
CVE-2022-41240

Jenkins Walti Plugin 1.0.1 and earlier does not escape the information provided by the Walti API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provid ...

Continue Reading

Back to Main

Subscribe for the latest news: