Lucene search
K

246 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-4211

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.02359EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-49588

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.0108EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-41740

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00647EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-14754

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.00423EPSS
Exploits1References1
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.5 views

opentelemetry-collector security update

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Collector with the supported components for a Rocky Enterpri...

6.8CVSS7.4AI score0.0056EPSS
Exploits0
OSV
OSV
added 2025/10/03 7:56 p.m.5 views

RLSA-2025:7466 Moderate: delve and golang security update

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out ...

5.9CVSS6.4AI score0.00647EPSS
Exploits0References4
OSV
OSV
added 2025/10/03 7:56 p.m.5 views

RLSA-2025:10677 Moderate: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

6.8CVSS7.2AI score0.0056EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/09/23 8:27 a.m.1 views

net/http: Sensitive headers not cleared on cross-origin redirect in net/http

A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect...

6.8CVSS7.2AI score0.0056EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2025/09/16 12:59 a.m.5 views

Moderate: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.8CVSS6.7AI score0.0056EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/16 12:0 a.m.3 views

RHEL 9 : opentelemetry-collector (RHSA-2025:15887)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:15887 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin...

6.8CVSS6.6AI score0.0056EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/09/08 12:0 a.m.2 views

RHEL 9 : opentelemetry-collector (RHSA-2025:15406)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:15406 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin...

6.8CVSS6.6AI score0.0056EPSS
Exploits0References5
OSV
OSV
added 2025/07/29 1:38 p.m.7 views

RLSA-2025:3772 Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints CVE-2024-45341 golang: net/http: net/http: sensitive headers incorrectly sent after...

5.9CVSS7.2AI score0.00647EPSS
Exploits0References3
OSV
OSV
added 2025/07/29 1:38 p.m.5 views

RLSA-2025:10672 Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score,...

6.8CVSS7.1AI score0.0056EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2025/07/21 6:50 p.m.7 views

K000152659: Golang vulnerabilities CVE-2024-45336, CVE-2024-45337, CVE-2024-45338, and CVE-2024-45339

Security Advisory Description CVE-2024-45336 The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a . com/ containing an Authorization header which is redirected to b . com/ will not send that header to b . com. In the event that the client...

9.1CVSS6.9AI score0.03092EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2025/07/21 12:0 a.m.2 views

EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-1820)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate...

6.1CVSS6.5AI score0.00647EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/21 12:0 a.m.2 views

EulerOS 2.0 SP12 : golang (EulerOS-SA-2025-1821)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate...

6.1CVSS6.5AI score0.00647EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.3 views

Sensitive headers not cleared on cross-origin redirect in net/http

...

6.8CVSS7.5AI score0.0056EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/07/09 12:55 a.m.5 views

net/http: Sensitive headers not cleared on cross-origin redirect in net/http

A flaw was found in net/http. Handling Proxy-Authorization and Proxy-Authenticate headers during cross-origin redirects allows these headers to be inadvertently forwarded, potentially exposing sensitive authentication credentials. This flaw allows a network-based attacker to manipulate redirect...

6.8CVSS7.2AI score0.0056EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/07/09 12:0 a.m.3 views

RHEL 10 : golang (RHSA-2025:10677)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10677 advisory. The golang packages provide the Go programming language compiler. Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect ...

6.8CVSS6.6AI score0.0056EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/07/09 12:0 a.m.4 views

RHEL 9 : golang (RHSA-2025:10676)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10676 advisory. The golang packages provide the Go programming language compiler. Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect i...

6.8CVSS6.6AI score0.0056EPSS
Exploits0References5
Rows per page
Query Builder