RHCOS 3 : OpenShift Container Platform 3.11.404 (RHSA-2021:0833)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:0833 advisory. - golang-github-gorilla-websocket: integer overflow leads to denial of service CVE-2020-27813 Note that Nessus has not tested for this issue...

RHCOS 4 : OpenShift Container Platform 4.15.23 (RHSA-2024:4702)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4702 advisory. - gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization CVE-2024-37298 Note that Nessus has not tested for...

RHCOS 4 : OpenShift Container Platform 4.13.46 (RHSA-2024:4848)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4848 advisory. - gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization CVE-2024-37298 Note that Nessus has not tested for...

MiracleLinux 9 : podman-4.9.4-10.el9_4 (AXSA:2024-8754:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8754:08 advisory. golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm CVE-2024-24783 go-retryablehttp: url might write sensitive...

CVE-2025-65952

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...

CVE-2025-65952

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...

EUVD-2025-199659

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...

CVE-2025-65952 Console is vulnerable to path traversal regarding custom assets

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...

CVE-2025-65952 Console is vulnerable to path traversal regarding custom assets

Console is a network used to control Gorilla Tag mods' users and other users on the network. Prior to version 2.8.0, a path traversal vulnerability exists where complicated combinations of backslashes and periods can be used to escape the Gorilla Tag path and write to unwanted directories. This...

CVE-2025-65952

CVE-2025-65952 concerns Gorilla Tag’s Console component. Prior to version 2.8.0, a path traversal flaw arises from complex combinations of backslashes and periods that can escape the Gorilla Tag path and write to unintended directories. Red Hat and other feeds corroborate the vulnerability descri...

PT-2025-48096

Name of the Vulnerable Software and Affected Versions Gorilla Tag versions prior to 2.8.0 Description A path traversal issue exists in Console, a network used to control Gorilla Tag mods and users. Prior to version 2.8.0, specific combinations of backslashes and periods can be used to bypass the...

EUVD-2025-104240

Malicious code in leftgorillaz3n npm...

EUVD-2025-102739

Malicious code in quarrelsomegorillaz3n npm...

EUVD-2025-104411

Malicious code in itchygorillaz3n npm...

MAL-2025-112463 Malicious code in wealthy_gorilla_blush-49 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector baff912a9537343d75fcea89d3541e4b2fe5ab1286ade18cb3566638e6b20722 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-74367

Malicious code in philosophicalgorillaamaranth-54 npm...

EUVD-2025-77140

Malicious code in defiantgorilla-strongdev npm...

Malicious code in defiant_gorilla-strongdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aabdc8802ec5096a407e1e55ba6dba4155829fea2dc83c980e4f94cec9a0d55e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-75165

Malicious code in yawninggorilla-appteadev npm...

EUVD-2025-77287

Malicious code in complicatedgorilla-silentdev npm...