Lucene search
K

58 matches found

OSV
OSV
added 2026/05/06 11:26 p.m.16 views

CLSA-2026-1778109988 toolbox: Fix of 9 CVEs

Rebuild with golang = 1.22.5 to fix CVE-2022-1705, CVE-2022-41717, CVE-2023-29406, CVE-2023-39318, CVE-2023-39319, CVE-2023-39326, CVE-2023-45290, CVE-2024-24785, CVE-2024-24791...

7.5CVSS7.1AI score0.05623EPSS
Exploits1References1
F5 Networks
F5 Networks
added 2025/07/22 4:18 p.m.8 views

K000152671: Golang html/template vulnerabilities CVE-2023-39318,CVE-2023-39319, and CVE-2024-24785

Security Advisory Description CVE-2023-39318 The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...

6.1CVSS6.6AI score0.00815EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.2 views

TencentOS Server 4: golang (TSSA-2024:0627)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0627 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.1CVSS7.7AI score0.03796EPSS
Exploits0References7
OSV
OSV
added 2025/05/07 7:11 p.m.12 views

RLSA-2024:0121 Moderate: container-tools:4.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward unparseable query...

7.5CVSS7.2AI score0.02607EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2023-39319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The html/template package does not apply the proper rules for handling occurrences of contexts. This may cause the template parser to improperly consider script...

6.1CVSS6.8AI score0.00798EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/19 12:0 a.m.25 views

Oracle Linux 9 : buildah (ELSA-2024-9097)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-9097 advisory. - Rebuild for CVEs: CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322 - rebuild for following CVEs: CVE-2023-25173 CVE-2022-41724...

9.8CVSS6.9AI score0.04561EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/07/24 12:0 a.m.27 views

Photon OS 4.0: Go PHSA-2023-4.0-0484

An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0484. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid204352...

6.5CVSS7.8AI score0.01328EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/05/29 12:0 a.m.50 views

RHEL 8 : Red Hat OpenStack Platform 16.1 (etcd) (RHSA-2024:3467)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3467 advisory. A highly-available key value store for shared configuration Security Fixes: Incomplete fix for CVE-2023-39325/CVE-2023-44487 in OpenStack...

7.5CVSS7.3AI score0.99999EPSS
Exploits20References20
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.48 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (etcd) (RHSA-2024:3352)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3352 advisory. A highly-available key value store for shared configuration Security Fixes: Incomplete fix for CVE-2023-39325/CVE-2023-44487 in OpenStack...

7.5CVSS7.3AI score0.99999EPSS
Exploits20References21
Tenable Nessus
Tenable Nessus
added 2024/05/23 12:0 a.m.83 views

RHEL 8 : container-tools:rhel8 (RHSA-2024:2988)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2988 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: urllib3:...

7.5CVSS7.3AI score0.93305EPSS
Exploits7References43
RedHat Linux
RedHat Linux
added 2024/04/30 10:17 a.m.33 views

Moderate: Red Hat Security Advisory: toolbox security update

An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

6.1CVSS6.7AI score0.01208EPSS
Exploits0References7
OSV
OSV
added 2024/04/30 12:0 a.m.28 views

ALSA-2024:2160 Moderate: toolbox security update

Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman and other standard container technologies from OCI. Security Fixes: golang: html/template: improper handling of HTML-like comments within script contexts...

6.1CVSS7.2AI score0.01208EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.34 views

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3700-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS7.1AI score0.00815EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.34 views

openSUSE: Security Advisory for go1.21 (SUSE-SU-2023:3701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.01424EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.33 views

openSUSE: Security Advisory for go1.20 (SUSE-SU-2023:3840-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS7.3AI score0.01328EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/02/25 3:0 a.m.16 views

CVE-2023-39319 affecting package golang for versions less than 1.21.6-1

CVE-2023-39319 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...

6.1CVSS7.1AI score0.00798EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/02/25 3:0 a.m.50 views

CVE-2023-39319 affecting package golang for versions less than 1.21.6-1

CVE-2023-39319 affecting package golang for versions less than 1.21.6-1. A patched version of the package is available...

6.1CVSS6.6AI score0.00798EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.56 views

EulerOS 2.0 SP11 : golang (EulerOS-SA-2023-3270)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The html/template package does not properly handle HTML-like '' comment tokens, nor hashbang '!' comment tokens, in contexts. This may cause the...

8.1CVSS7.6AI score0.99999EPSS
Exploits19References6
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.55 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2023-3331)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or...

8.1CVSS7.6AI score0.99999EPSS
Exploits19References7
OpenVAS
OpenVAS
added 2024/01/12 12:0 a.m.46 views

Ubuntu: Security Advisory (USN-6574-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.6AI score0.99999EPSS
Exploits19References4
Rows per page
Query Builder