by EGI CSIRT | Sep 19, 2023 | Advisories, News
A high risk vulnerability was found in cjose. The cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE) on which mod_auth_openidc depends. The AES GCM decryption routine incorrectly uses the tag length from the actual Authentication Tag...
by EGI CSIRT | Sep 18, 2023 | Advisories, News
A potential security vulnerability CVE-2022-40982 in some Intel® Processors may allow information disclosure. Intel is releasing firmware updates and an optional software sequence to mitigate this potential vulnerability. For details see SVG Advisory...
by EGI CSIRT | Sep 5, 2023 | Advisories, News
A Use After Free vulnerability (CVE-2023-1281 and CVE-2023-1829) in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. Kernel upgrade is recommended. Since an attacker can elevate privileges to root, this vulnerability is considered as...
Recent Comments