Elvish up to 0.13.x Web UI Backend exposure of resource

A vulnerability classified as critical has been found in Elvish up to 0.13.x. Affected is an unknown part of the component Web UI Backend. Upgrading to version 0.14.0 eliminates this vulnerability. Applying the patch ccc2750037bbbfafe9c1b7a78eadd3bd16e81fe5 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Nitro Pro PDF Document use after free [CVE-2021-21796]

A vulnerability was found in Nitro Pro PDF (affected version not known) and classified as critical. Affected by this issue is an unknown code block of the component Document Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative […]

Nitro Pro PDF Document double free [CVE-2021-21797]

A vulnerability was found in Nitro Pro PDF (the affected version unknown). It has been classified as critical. This affects some unknown processing of the component Document Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

GlassWire 2.1.167 code injection [CVE-2021-22961]

A vulnerability was found in GlassWire 2.1.167. It has been declared as critical. This vulnerability affects an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.