go-toolset:ol8 security and bug fix update

go-toolset 1.11.13-1 - Bump version to 1.11.13 - Related: rhbz1743204 - Related: rhbz1743206 golang 1.11.13-2 - Improve error message when using non-FIPS API in FIPS mode. - Fixes CVE-2019-9512. - Fixes CVE-2019-9514. - Resolves: rhbz1745711 - Resolves: rhbz1745705 1.11.6-3 - Updates to be less...

EUVD-2022-31925

Malicious code in bioql PyPI...

EUVD-2022-31928

Malicious code in bioql PyPI...

WordPress immonex Kickstart Plugin <= 1.11.6 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Peter Thaleikis in WordPress Plugin immonex Kickstart versions = 1.11.6...

Incorrect Authorization

Overview std/net/url is a Go standard library package std/net/url Affected versions of this package are vulnerable to Incorrect Authorization. Go Vulnerability Report: The url.Parse function accepts URLs with malformed hosts, such that the Host field can have arbitrary suffixes that appear in...

NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Multiple Vulnerabilities (NS-SA-2022-0044)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has docker-ce packages installed that are affected by multiple vulnerabilities: - net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications...

CVE-2022-27422

A reflected cross-site scripting XSS vulnerability in Chamilo LMS v1.11.13 allows attackers to execute arbitrary web scripts or HTML via user interaction with a crafted URL...

PT-2022-18415 · Unknown · Chamilo Lms

Name of the Vulnerable Software and Affected Versions: Chamilo LMS version 1.11.13 Description: The issue is related to a lack of validation on the user modification form, which allows attackers to escalate privileges to Platform Admin. Recommendations: For Chamilo LMS version 1.11.13, update to ...

Chamilo LMS 代码问题漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association that supports the creation of instructional content, remote training, and online question answering. The system supports the creation of instructional content, remote training and online question...

编号撤回

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question answering. Chamilo LMS v1.11.13 contains a code injection vulnerability that could be exploited by a...

Chamilo LMS 跨站脚本漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question answering. Chamilo LMS v1.11.13 has a cross-site scripting vulnerability, and no detailed...

Chamilo LMS 输入验证错误漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question answering. Chamilo LMS v1.11.13 has a security vulnerability that could be exploited by an attacker ...

Chamilo LMS 跨站脚本漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question answering. Chamilo LMS v1.11.13 contains a cross-site scripting vulnerability that could be exploite...

Chamilo LMS SQL注入漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training and online question answering, etc. Chamilo LMS v1.11.13 is vulnerable to SQL injection, and no detailed vulnerability...

[SECURITY] Fedora 29 Update: golang-1.11.13-1.fc29

The Go Programming Language...

SUSE-SU-2019:2213-1 Security update for go1.11

This update for go1.11 fixes the following issues: Security issues fixed: - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth bsc1146111. - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of...

AZL-78948 CVE-2019-14809 affecting package golang 1.25.7-1

net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname nor Port, and is related to a non-numeric port number. For example, an...