<p>Upgrade <code>Rocky-Linux:8</code> <code>libecap-debuginfo</code> to version 0:1.0.1-2.module+el8.4.0+404+316a0dc5 or higher.<br>This issue was patched in <code>RLSA-2019:3476</code>.</p>

Cross-site Scripting (XSS) Affecting libecap-debuginfo package, versions <0:1.0.1-2.module+el8.4.0+404+316a0dc5

Threat Intelligence

94.21% (100^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-ROCKY8-LIBECAPDEBUGINFO-3215086
published 5 Jan 2023
disclosed 5 Jul 2019

Report a new vulnerability Found a mistake?

Introduced: 5 Jul 2019

CVE-2019-13345 Open this link in a new tab CWE-79 Open this link in a new tab

How to fix?

Upgrade Rocky-Linux:8 libecap-debuginfo to version 0:1.0.1-2.module+el8.4.0+404+316a0dc5 or higher.
This issue was patched in RLSA-2019:3476.

NVD Description

Note: Versions mentioned in the description apply only to the upstream libecap-debuginfo package and not the libecap-debuginfo package as distributed by Rocky-Linux. See How to fix? for Rocky-Linux:8 relevant fixed versions and status.

The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.

Cross-site Scripting (XSS) Affecting libecap-debuginfo package, versions <0:1.0.1-2.module+el8.4.0+404+316a0dc5

Severity

Based on Rocky Linux security rating

Threat Intelligence

Introduced: 5 Jul 2019

How to fix?

NVD Description

References