MiracleLinux 9 : containernetworking-plugins-1.3.0-4.el9 (AXSA:2023-6651:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6651:02 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPA...

golang: html/template: improper handling of empty HTML attributes

A flaw was found in golang. Templates containing actions in unquoted HTML attributes, for example, "attr=." executed with empty input, could result in output that has unexpected results when parsed due to HTML normalization rules. This issue may allow the injection of arbitrary attributes into ta...

Moderate: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.3.2 security updates and bug fixes

Multicluster Engine for Kubernetes 2.3.2 General Availability release images, which contain security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SUSE-SU-2023:2105-1 Security update for go1.20

This update for go1.20 fixes the following issues: Update to 1.20.4 bnc1206346: - CVE-2023-24539: Fixed an improper sanitization of CSS values boo1211029. - CVE-2023-24540: Fixed an improper handling of JavaScript whitespace boo1211030. - CVE-2023-29400: Fixed an improper handling of empty HTML...