Security update for yq

This update for yq fixes the following issues CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241719. CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML...

AZL-76778 CVE-2025-47911 affecting package buildah 1.18.0-29

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.372.b07-1.el7 (AXSA:2023-5312:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5312:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 7 : java-11-openjdk-11.0.19.0.7-1.el7 (AXSA:2023-5304:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5304:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 9 : java-11-openjdk-11.0.19.0.7-1.el9 (AXSA:2023-5305:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5305:07 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

MiracleLinux 9 : java-17-openjdk-17.0.7.0.7-1.el9 (AXSA:2023-5309:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5309:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

SUSE-SU-2025:4330-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: Updated...

EUVD-2019-0036

Malware in sbrugna...

EUVD-2021-0585

Malware in sbrugna...

EUVD-2011-0175

Malware in sbrugna...

EUVD-2024-43140

Malicious code in bioql PyPI...

EUVD-2024-52973

Malicious code in bioql PyPI...

CVE-2023-3481

Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting XSS bug. We recommend upgrading to version 0.0.20 of the extension...

Linux Distros Unpatched Vulnerability : CVE-2023-39318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The html/template package does not properly handle HTML-like comment tokens, nor hashbang ! comment tokens, in contexts. This may cause the template parser to...

PT-2023-25013 · Critters · Critters

Name of the Vulnerable Software and Affected Versions: Critters versions 0.0.17 through 0.0.19 Description: The issue arises when parsing HTML, leading to a potential cross-site scripting XSS bug. There is no information provided about the estimated number of potentially affected devices worldwid...

CVE-2023-4048

An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

UBUNTU-CVE-2019-14233

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.striptags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities...

gaim instant messanger DoS

Application crashes on receiving file with with parenthesis in the name and during HTML parsing...