[SECURITY] Fedora 36 Update: golang-github-gohugoio-testmodbuilder-0-0.10.20201030git72e1e0c.fc36

Some helper scripts used for Hugo testing...

Malicious code in tech-doc-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dee66703b31e37413a9adb8a1182b0bad51b5cfb28fb03747f5dc30068e9196 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6444 Malicious code in tech-doc-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dee66703b31e37413a9adb8a1182b0bad51b5cfb28fb03747f5dc30068e9196 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

biobb-io (>=0.0.1 <=0.0.8), biobb-model (>=0.0.1 <=0.0.10) +6 more potentially affected by CVE-2017-15612 via mistune (>=0.7.3 <=0.7.4)

mistune PYPI version =0.7.3, =0.0.1, =0.0.1, =0.0.6, =0.2.1, =2.2.20170208112505, =0.1.0, =0.1.2, =0.3.2 Source cves: CVE-2017-15612 Source advisory: OSV:GHSA-HPV5-V8G5-C864...

Fedora: Security Advisory for golang-github-gohugoio-testmodbuilder (FEDORA-2022-08ae2dd481)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc36

Some helper scripts used for Hugo testing...

Fedora: Security Advisory for golang-github-gohugoio-testmodbuilder (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for golang-github-gohugoio-testmodbuilder (FEDORA-2022-5cbd6de569)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc34

Some helper scripts used for Hugo testing...

[SECURITY] Fedora 35 Update: golang-github-gohugoio-testmodbuilder-0-0.9.20201030git72e1e0c.fc35

Some helper scripts used for Hugo testing...

@christianhugo/cli (>=0.7.2-beta.6 <=0.7.3-beta.15), @christianhugo/mobile-builder (>=0.7.2-beta.6 <=0.7.4-beta.9) +72 more potentially affected by CVE-2021-23445 via datatables.net (>=1.10.12 <=1.10.25)

datatables.net NPM version =1.10.12, =0.7.2-beta.6, =0.7.2-beta.6, =0.7.2-beta.6, =0.7.2-beta.6, =0.6.4-beta.10, =0.7.2-beta.7, =0.6.4-beta.10, =0.6.4-beta.10, =1.0.0, =1.0.0, =3.0.0, =3.0.11 and more Source cves: CVE-2021-23445 Source advisory: OSV:GHSA-H73Q-5WMJ-Q8PJ...

fairing (>=0.0.2 <=0.0.3), hugo-jupyter (>=0.2.1 <=0.3.0) +7 more potentially affected by CVE-2021-32798 via notebook (>=4.2.3 <=5.7.10)

notebook PYPI version =4.2.3, =0.0.2, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2021-32798 Source advisory: OSV:GHSA-HWVQ-6GJX-J797...

fairing (>=0.0.2 <=0.0.3), hugo-jupyter (>=0.2.1 <=0.3.0) +7 more potentially affected by CVE-2021-32797 via notebook (>=4.2.3 <=5.7.10)

notebook PYPI version =4.2.3, =0.0.2, =0.2.1, =0.1.2, =0.5.0, =1.0.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2021-32797 Source advisory: OSV:GHSA-4952-P58Q-6CRX...

GHSA-8J34-9876-PVFQ Hugo can execute a binary from the current directory on Windows

Impact Hugo depends on Go's os/exec for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system %PATH% on Windows. However, if a malicious file with the same name exe or bat is found in the current working directory at the time of running hugo, the...

Hugo can execute a binary from the current directory on Windows

Impact Hugo depends on Go's os/exec for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system %PATH% on Windows. However, if a malicious file with the same name exe or bat is found in the current working directory at the time of running hugo, the...

HugoMario swagger-codegen 安全漏洞

HugoMario swagger-codegen is an application from HugoMario. It is used to automatically generate API client libraries generate SDKs, server stubs and documentation given an OpenAPI Spec. A security vulnerability exists in swagger-codegen, which can be exploited by an attacker to append the conten...

Malicious Code Execution

Hugo is vulnerable to malicious code execution. If a malicious file with the same name exe or bat is found in the current working directory at the time of running hugo, the malicious command will be invoked instead of the system one. Windows users who run hugo inside untrusted Hugo sites are...

DEBIAN-CVE-2020-26284

Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's os/exec for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system %PATH% on Windows. In Hugo before version 0.79.1, if a malicious file with the same name exe or bat is...

CVE-2020-26284

Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's os/exec for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system %PATH% on Windows. In Hugo before version 0.79.1, if a malicious file with the same name exe or bat is...

CVE-2020-26284

Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's os/exec for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system %PATH% on Windows. In Hugo before version 0.79.1, if a malicious file with the same name exe or bat is...