MGASA-2015-0133

Source
https://advisories.mageia.org/MGASA-2015-0133.html
Import Source
https://advisories.mageia.org/MGASA-2015-0133.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2015-0133
Related
Published
2015-04-04T10:45:56Z
Modified
2015-04-04T10:33:38Z
Summary
Updated novnc packages fix CVE-2013-7436
Details

Updated novnc package fixes security vulnerability:

noVNC before 0.5.1 allows an attacker to steal insecurely set session token cookies, hijacking active or inactive VNC sessions (CVE-2013-7436).

References
Credits

Affected packages

Mageia:4 / novnc

Package

Name
novnc
Purl
pkg:rpm/mageia/novnc?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.4-9.2.mga4

Ecosystem specific

{
    "section": "core"
}