Lucene search
+L

199 matches found

RedHat Linux
RedHat Linux
added 2024/05/22 11:47 a.m.38 views

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.91969EPSS
Exploits1References7
AlmaLinux
AlmaLinux
added 2024/05/22 12:0 a.m.46 views

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References14
Rockylinux
Rockylinux
added 2024/05/10 2:32 p.m.52 views

golang security update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

7.5CVSS7.3AI score0.91969EPSS
Exploits1
OSV
OSV
added 2024/05/10 2:32 p.m.42 views

RLSA-2024:2724 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288...

7.5CVSS7.8AI score0.91969EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/05/07 10:45 a.m.3 views

golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect...

4.3CVSS7.2AI score0.0108EPSS
Exploits0References4
OSV
OSV
added 2024/05/07 12:0 a.m.30 views

ALSA-2024:2724 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288...

7.5CVSS7.8AI score0.91969EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2024/05/07 12:0 a.m.34 views

RHEL 9 : git-lfs (RHSA-2024:2724)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2724 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while...

7.5CVSS7.3AI score0.91969EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2024/04/30 1:33 p.m.3 views

golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect...

4.3CVSS7.2AI score0.0108EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/04/30 1:33 p.m.39 views

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.1AI score0.91969EPSS
Exploits1References8
AlmaLinux
AlmaLinux
added 2024/04/30 12:0 a.m.55 views

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: net/http/cookiejar: incorrect...

7.5CVSS7.8AI score0.91969EPSS
Exploits1References16
SUSE CVE
SUSE CVE
added 2024/03/26 4:7 a.m.8 views

SUSE CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS7.4AI score0.00557EPSS
Exploits0References3
NVD
NVD
added 2024/03/24 1:15 a.m.13 views

CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS6.4AI score0.00557EPSS
Exploits0References4
OSV
OSV
added 2024/03/24 1:15 a.m.11 views

CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS7AI score
Exploits0References4
OSV
OSV
added 2024/03/24 1:15 a.m.4 views

DEBIAN-CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS7.3AI score0.00557EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/03/24 1:15 a.m.13 views

CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS5.9AI score0.00557EPSS
Exploits0References4
OSV
OSV
added 2024/03/24 1:15 a.m.5 views

UBUNTU-CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS5.8AI score0.00557EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/03/24 12:0 a.m.11 views

CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

6.8AI score0.00557EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/24 12:0 a.m.22 views

CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

6.4AI score0.00557EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/03/24 12:0 a.m.19 views

CVE-2018-25100

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar...

5.3CVSS5.2AI score0.00557EPSS
Exploits0
OSV
OSV
added 2024/03/22 12:19 a.m.16 views

MGASA-2024-0080 Updated nodejs-tough-cookie packages fix security vulnerability

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. CVE-2023-26136...

9.8CVSS6.6AI score0.02542EPSS
Exploits2References3
Rows per page
Query Builder