rpm package
almalinux/v8-12.4-devel
pkg:rpm/almalinux/v8-12.4-devel
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-23083 | Hig | 7.7 | < 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57 | 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57 | Jan 22, 2025 | With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for | |
| CVE-2025-22150 | Med | 6.8 | < 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57 | 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57 | Jan 21, 2025 | Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generat |
- affected < 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57fixed 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for
- affected < 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57fixed 3:12.4.254.21-1.22.13.1.1.module_el8.10.0+3961+6a788e57
Undici is an HTTP/1.1 client. Starting in version 4.5.0 and prior to versions 5.28.5, 6.21.1, and 7.2.3, undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is known that the output of `Math.random()` can be predicted if several of its generat
Page 2 of 2