Count: 45 010
| Vulnerability | Description | CVSS v3 | EPSS | Published |
|---|---|---|---|---|
| CVE-2026-4366 | A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an attacker to trick the server into making unintended requests to internal or restricted resources. As a result, sensitive internal services such as cloud metadata endpoints could be accessed. This issue may lead to information disclosure and enable attackers to map internal network infrastructure. | 5.8 | 0% (Low) | 8 days ago |
| CVE-2026-4359 | A flaw was found in mongo-c-driver. A compromised third-party cloud server or a man-in-the-middle (MITM) attacker could send a malformed HTTP response. This could cause applications using the MongoDB C driver to crash, leading to a Denial of Service. | 5.9 | 0% (Low) | 8 days ago |
| CVE-2026-4324 | A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into the sort_by parameter of the /api/hosts/bootc_images API endpoint. This can lead to a Denial of Service (DoS) by triggering database errors, and potentially enable Boolean-based blind SQL injection, which could allow an attacker to extract sensitive information from the database. | 5.4 | 0% (Low) | 9 days ago |
| CVE-2026-4271 | A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, a use-after-free, occurs in the HTTP/2 server implementation. A remote attacker can exploit it by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application accessing memory that has already been freed, potentially causing application instability or crashes and resulting in a Denial of Service (DoS). | 5.3 | 1% (Low) | 10 days ago |
| CVE-2026-4224 | A stack overflow flaw has been discovered in the Python pyexpat module. When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model, a C stack overflow occurs. This results in a program crash. | 5.9 | 0% (Low) | 9 days ago |
| CVE-2026-4177 | Multiple security issues have been discovered in the Perl YAML::Syck module: a heap overflow occurs when class names exceed the initial 512-byte allocation; the base64 decoder could read past the buffer end on trailing newlines; strtok mutated n->type_id in place, corrupting shared node data; and a memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor (the incoming anchor string 'a' was leaked on early return). | 7.3 | 0% (Low) | 9 days ago |
| CVE-2026-4174 | A flaw was found in Radare2. A local attacker could exploit a vulnerability in the Mach-O file parser component, specifically within the `walk_exports_trie` function. By manipulating this component, an attacker can cause excessive resource consumption, potentially leading to a Denial of Service (DoS). An exploit for this issue has been publicly disclosed. | 3.3 | 0% (Low) | 11 days ago |
| CVE-2026-4111 | A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives. | 7.5 | 0% (Low) | 15 days ago |
| CVE-2026-4105 | A flaw was found in systemd. The systemd-machined service contains an improper access control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system. | 6.7 | 0% (Low) | 13 days ago |
| CVE-2026-3950 | A flaw was found in libheif. A local attacker could exploit an out-of-bounds read vulnerability in the `Track::load` function within the `stsz/stts` component. This could lead to a Denial of Service (DoS), making the affected system or application unavailable. | 3.3 | 0% (Low) | 14 days ago |
| CVE-2026-3949 | A flaw was found in libheif. This vulnerability allows a local attacker to trigger an out-of-bounds read by manipulating the size argument in the `vvdec_push_data2` function. This could lead to a Denial of Service (DoS). | 3.3 | 0% (Low) | 14 days ago |
| CVE-2026-3942 | An incorrect security UI flaw was found in the PictureInPicture component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=475238879 | 4.3 | 0% (Low) | 16 days ago |
| CVE-2026-3941 | An insufficient policy enforcement flaw was found in the DevTools component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=474670215 | 4.3 | 0% (Low) | 16 days ago |
| CVE-2026-3940 | An insufficient policy enforcement flaw was found in the DevTools component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=470574526 | 4.3 | 0% (Low) | 16 days ago |
| CVE-2026-3939 | An insufficient policy enforcement flaw was found in the PDF component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=40058077 | 4.3 | 0% (Low) | 16 days ago |
| CVE-2026-3938 | An insufficient policy enforcement flaw was found in the Clipboard component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=474763968 | 4.3 | 0% (Low) | 16 days ago |
| CVE-2026-3935 | An incorrect security UI flaw was found in the WebAppInstalls component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=479326680 | 6.5 | 0% (Low) | 16 days ago |
| CVE-2026-3934 | An insufficient policy enforcement flaw was found in the ChromeDriver component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=478783560 | 6.5 | 0% (Low) | 16 days ago |
| CVE-2026-3931 | A heap buffer overflow flaw was found in the Skia component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=417599694 | 6.5 | 0% (Low) | 16 days ago |
| CVE-2026-3930 | An unsafe navigation flaw was found in the Navigation component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=476898368 | 6.5 | 0% (Low) | 16 days ago |