10 matches found
CVE-2026-2808
HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5...
CVE-2026-2808
HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5...
CVE-2026-2808 Consul vulnerable to arbitrary file reads through the vault kubernetes authentication provider
HashiCorp Consul and Consul Enterprise 1.18.20 up to 1.21.10 and 1.22.4 are vulnerable to arbitrary file read when configured with Kubernetes authentication. This vulnerability, CVE-2026-2808, is fixed in Consul 1.18.21, 1.21.11 and 1.22.5...
PT-2026-24892
Name of the Vulnerable Software and Affected Versions HashiCorp Consul versions 1.18.20 through 1.21.10 HashiCorp Consul version 1.22.4 HashiCorp Consul Enterprise versions 1.18.20 through 1.21.10 HashiCorp Consul Enterprise version 1.22.4 Description HashiCorp Consul and Consul Enterprise are...
Oracle Linux 9 : golang (ELSA-2024-4212)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-4212 advisory. - Update to Go 1.21.11 that fixes CVE-2024-24789 and CVE-2024-24790 Tenable has extracted the preceding description block directly from the Oracle Linu...
golang security update
1.21.11-1 - Update to Go 1.21.11 that fixes CVE-2024-24789 and CVE-2024-24790 - Resolves: RHEL-40275...
Improper Check for Unusual or Exceptional Conditions
Overview std/net/netip is a Go standard library package std/net/netip Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions. Go Vulnerability Report:The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6...
Interpretation Conflict
Overview std/archive/zip is a Go standard library package std/archive/zip Affected versions of this package are vulnerable to Interpretation Conflict. Go Vulnerability Report: due to inconsistent handling of certain malformed zip files in the archive/zip process. An attacker can cause different...
PT-2023-11867 · Unknown · Ti Woocommerce Wishlist
Name of the Vulnerable Software and Affected Versions: TI WooCommerce Wishlist versions up to 1.21.11 TI WooCommerce Wishlist Pro versions up to 1.21.4 Description: The issue allows authenticated attackers to gain restricted access to the vulnerable blog and update any settings due to an Options...
Fedora 20 : mediawiki-1.21.11-1.fc20 (2014-7779)
bug 65839 SECURITY: Prevent external resources in SVG files. - bug 66428 MimeMagic: Don't seek before BOF. This has weird side effects like only extracting the tail of the file partially or not at all. Note that Tenable Network Security has extracted the preceding description block directly from...