402 matches found
CVE-2024-33686
Missing Authorization vulnerability in Extend Themes Pathway, Extend Themes Hugo WP, Extend Themes Althea WP, Extend Themes Elevate WP, Extend Themes Brite, Extend Themes Colibri WP, Extend Themes Vertice.This issue affects Pathway: from n/a through 1.0.15; Hugo WP: from n/a through 1.0.8; Althea...
GHSA-CRQM-PWHX-J97F vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, http-echo, kube-bench, opa, ingress-nginx-controller, postgres-operator-fips, rabbitmq-messaging-topology-operator, kube-state-metrics, git-lfs, fq,...
GHSA-J7VJ-RW65-4V26 vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, http-echo, kube-bench, opa, ingress-nginx-controller, postgres-operator-fips, rabbitmq-messaging-topology-operator, kube-state-metrics, git-lfs, fq,...
GHSA-8XFX-RJ4P-23JM vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, http-echo, kube-bench, opa, ingress-nginx-controller, postgres-operator-fips, rabbitmq-messaging-topology-operator, kube-state-metrics, git-lfs, fq,...
GHSA-HW49-2P59-3MHJ vulnerabilities
Vulnerabilities for packages: datadog-agent, restic-fips, caddy, fulcio, http-echo, kube-bench, opa, rabbitmq-messaging-topology-operator, kube-state-metrics, git-lfs, prometheus-beat-exporter-fips, snyk-cli, metacontroller, velero-plugin-for-aws-fips, gatekeeper-fips, ko-fips, newrelic-nri-stats...
CVE-2020-26284
Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's os/exec for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system %PATH% on Windows. In Hugo before version 0.79.1, if a malicious file with the same name exe or bat is...
CVE-2024-55601
A flaw was found in the Hugo static site generator. Some HTML attributes in Markdown in the internal templates do not escape in internal render hooks. Hugo users who do not trust their Markdown content files and are using one or more of these templates are impacted; default/markup/render-link.htm...
GHSA-V778-237X-GJRC vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, restic-fips, caddy, crossplane-provider-azure-managedidentity, fulcio, kube-bench, postgres-operator-fips, rabbitmq-messaging-topology-operator, kube-state-metrics, kapp-controller-fips, rclone-fips, git-lfs, fq, snyk-cli,...
SUSE CVE-2024-55601
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
GO-2024-3314 Hugo does not escape some attributes in internal templates in github.com/gohugoio/hugo
Hugo does not escape some attributes in internal templates in github.com/gohugoio/hugo...
CVE-2024-55601
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
DEBIAN-CVE-2024-55601
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
UBUNTU-CVE-2024-55601
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
CVE-2024-55601 Hugo does not escape some attributes in internal templates
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
CVE-2024-55601 Hugo does not escape some attributes in internal templates
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
CVE-2024-55601
Hugo, a static site generator, is affected in versions 0.123.0 through 0.139.3 (prior to 0.139.4). The issue: certain HTML attributes in Markdown in internal templates are not escaped in render hooks, specifically in templates _default/_markup/render-link.html (v0.123.0), _default/_markup/render-...
CVE-2024-55601 Hugo does not escape some attributes in internal templates
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
CVE-2024-55601
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
CVE-2024-55601
Hugo is a static site generator. Starting in version 0.123.0 and prior to version 0.139.4, some HTML attributes in Markdown in the internal templates listed below not escaped in internal render hooks. Those whoa re impacted are Hugo users who do not trust their Markdown content files and are usin...
Hugo does not escape some attributes in internal templates
Impact Some HTML attributes in Markdown in the internal templates listed below not escaped. Impacted are Hugo users who do not trust their Markdown content files and are using one or more of these templates. default/markup/render-link.html from v0.123.0 default/markup/render-image.html from...