13 matches found
CVE-2026-44697 Klever-Go MultiDataInterceptor: remote OOM via crafted compressed P2P payload
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress (data/batch/batch.go) allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
EUVD-2026-33375
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress (data/batch/batch.go) allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
GHSA-JC6W-WMFC-FH33 Klever-Go KVM read-only execution can commit contract delete and upgrade side effects
Publisher note Fixed in v1.7.17. Operators running v1.7.17 should upgrade. Contract delete and upgrade host-core paths now reject execution when runtime.ReadOnly is true. The invariant is regression-tested for delete, upgrade, storage writes, value transfers, and any VM output field that can late...
goldmark vulnerable to Cross-site Scripting (XSS)
Versions of the package github.com/yuin/goldmark/renderer/html before 1.7.17 are vulnerable to Cross-site Scripting (XSS) due to improper ordering of URL validation and normalization. The renderer validates link destinations using a prefix-based check (IsDangerousURL) before resolving HTML entities...
goldmark security vulnerability
Goldmark is a Markdown parser written in Go language by Yusuke Inuzuka. Versions of Goldmark prior to 1.7.17 contained security vulnerabilities, which were caused by improper URL validation and normalization order. These vulnerabilities could lead to cross-site scripting attacks...
WordPress MailerLite – Signup forms (official) plugin <= 1.7.16 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability discovered by NosleeP++ in WordPress Plugin MailerLite versions <= 1.7.16...
Linux Distros Unpatched Vulnerability : CVE-2024-31755
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c...
SUSE-SU-2025:20091-1 Security update for containerd
This update for containerd fixes the following issues: - Update to containerd v1.7.21. Upstream release notes: https://github.com/containerd/containerd/releases/tag/v1.7.21 Fixes CVE-2023-47108. bsc1217070 Fixes CVE-2023-45142. bsc1228553 - Update to containerd v1.7.17. Upstream release notes:...
AZL-67458 CVE-2024-31755 affecting package apparmor for versions less than 3.1.7-1
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c...
UBUNTU-CVE-2024-31755
cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c...
cJSON security vulnerability
cJSON is a lightweight open source JSON parser. A security vulnerability exists in cJSON version v1.7.17, which stems from the inclusion of a segmentation violation, and can be triggered by the second parameter of the cJSON_SetValuestring function in cJSON.c. The vulnerability can be exploited by...
PT-2024-10424 · Cjson +3
Name of the Vulnerable Software and Affected Versions: cJSON version 1.7.17 Description: The issue is related to a segmentation violation that can be triggered through the second parameter of the cJSON_SetValuestring function at cJSON.c. This can lead to a denial of service. The vulnerability is...
Low: Red Hat Security Advisory: libguestfs security, bug fix, and enhancement update
Updated libguestfs packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which giv...