Christian Boltz

**Name of the Vulnerable Software and Affected Versions** obs-service-source validator versions prior to 0.7 **Description** A shell command injection issue exists in the handling of RPM SPEC files with specific macro constructs, potentially allowing code execution as the packager. **Recommendations** For versions prior to 0.7, update to version 0.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** TYPO3 Front End User Registration (sr feuser register) extension versions prior to 2.6.2 **Description** The issue allows remote attackers to obtain user names and passwords via the edit perspective or autologin feature. **Recommendations** For versions prior to 2.6.2, update to version 2.6.2 or later to resolve the issue.