67 matches found
MiracleLinux 8 : container-tools:rhel8 (AXSA:2023-7318:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7318:02 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...
CVE-2024-29400
An issue was discovered in RuoYi v4.5.1, allows attackers to obtain sensitive information via the status parameter...
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
Summary Multiple vulnerabilities were addressed in IBM Cloud Pak for Watson AIOps version 4.2.0 Vulnerability Details CVEID:CVE-2023-24539 DESCRIPTION: Go is vulnerable to HTML injection. A remote attacker could inject malicious HTML code into a template containing multiple actions separated by a...
Linux Distros Unpatched Vulnerability : CVE-2023-29400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Templates containing actions in unquoted HTML attributes e.g. attr=. executed with empty input can result in output with unexpected results when parsed due to...
Oracle Linux 9 : buildah (ELSA-2024-9097)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9097 advisory. - Rebuild for CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724...
Oracle Linux 9 : skopeo (ELSA-2024-9098)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9098 advisory. - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539...
Oracle Linux 9 : containernetworking-plugins (ELSA-2024-9089)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-9089 advisory. - rebuild for CVE-2024-24791 - rebuild for following CVEs: CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723...
RHEL 8 / 9 : OpenShift Container Platform 4.13.2 (RHSA-2023:3366)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3366 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
RHEL 9 : OpenShift Container Platform 4.13.8 (RHSA-2023:4459)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4459 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
CVE-2024-29400
An issue was discovered in RuoYi v4.5.1, allows attackers to obtain sensitive information via the status parameter...
CVE-2024-29400
An issue was discovered in RuoYi v4.5.1, allows attackers to obtain sensitive information via the status parameter...
CVE-2024-29400
An issue was discovered in RuoYi v4.5.1, allows attackers to obtain sensitive information via the status parameter...
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1. A patched version of the package is available...
CVE-2023-29400 affecting package golang for versions less than 1.21.6-1
CVE-2023-29400 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...
CVE-2023-29400 affecting package golang for versions less than 1.21.6-1
CVE-2023-29400 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...
K000138679: Golang vulnerabilities CVE-2023-24540, CVE-2023-29400, and CVE-2023-29403
Security Advisory Description CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly...
CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is available...
Moderate: Red Hat Security Advisory: container-tools:rhel8 security and bug fix update
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: container-tools:4.0 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handling of JavaScri...
Moderate: container-tools:rhel8 security and bug fix update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handling of JavaScri...