RHCOS 4 : OpenShift Container Platform 4.18.42 (RHSA-2026:17446)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:17446 advisory. - golang: archive/tar: Unbounded allocation when parsing GNU sparse map CVE-2025-58183 - golang: net/url: Memory exhaustion in quer...

RHCOS 4 : OpenShift Container Platform 4.8.9 (RHSA-2021:3248)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3248 advisory. - golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header CVE-2021-31525 - golang: net: lookup...

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

grafana-pcp security update

An update is available for grafana-pcp. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Grafana plugin for Performance Co-Pilot includes datasources for...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2021-2375:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2375:01 advisory. golang: encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader CVE-2021-27918 golang: net/http: panic in ReadRequest a...

MiracleLinux 9 : git-lfs-3.2.0-1.el9 (AXSA:2023-5844:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5844:01 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: net/http/httputil: ReverseProxy should not forward...

RockyLinux 8 : container-tools:rhel8 (RLSA-2023:2758)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2758 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions CVE-2022-196...

Alibaba Cloud Linux 3 : 0131: go-toolset:rhel8 (ALINUX3-SA-2022:0131)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0131 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-38297: Go before 1.16.9 and 1.17....

The vulnerability of the “//line” directive in the Go programming language allows a violator to execute arbitrary code.

The vulnerability of the “//line” directive in the Go programming language is related to errors in data processing during syntax analysis of code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerabilities of the net/http and mime/multipart libraries used in the GoLang-based application software of the PPEO “Avora Center” allow attackers to perform a type of attack known as “denial-of-service attack”.

The vulnerability of the net/http and mime/multipart libraries used in the GoLang-based application software for the PPEO “Avora Center” involves uncontrolled resource consumption under certain input conditions. Exploiting this vulnerability could allow a remote attacker to execute a type of atta...