5 matches found
GHSA-7WHH-79J3-7C55 InventoryGui allows item duplication in GUIs which use GuiStorageElement
Impact Any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element. Patches InventoryGui 1.6.5 included in latest 1.6.5-SNAPSHOT by disabling GuiStorageElement when not running on 1.21.9 or later. Workarounds Not using the GuiStorageElement...
OPENSUSE-SU-2024:13822-1 go1.21-1.21.9-1.1 on GA media
These are all security issues fixed in the go1.21-1.21.9-1.1 package on the GA media of openSUSE Tumbleweed...
golang security update
1.21.9-2 - Rebuilt for z-stream - Related: RHEL-24312 - Related: RHEL-28940 1.21.9-1 - Fix CVE-2024-1394 - Fix CVE-2023-45288 - Resolves RHEL-24312 - Resolves RHEL-28940...
Golang < 1.21.9, 1.22.x < 1.22.2 DoS
The version of Golang running on the remote host is prior to 1.21.9 or 1.22.x prior to 1.22.2. It is, therefore, is affected by a denial of service vulnerability. When a request's headers exceed MaxHeaderBytes, memory is not allocated to store the excess headers yet they are still parsed. This...
CVE-2014-2853
Cross-site scripting XSS vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the sort key in an info action...