MiracleLinux 9 : containernetworking-plugins-1.3.0-4.el9 (AXSA:2023-6651:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6651:02 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPA...

MiracleLinux 9 : buildah-1.31.3-1.el9 (AXSA:2023-6640:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6640:04 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPA...

MiracleLinux 9 : toolbox-0.0.99.4-6.el9 (AXSA:2023-6916:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6916:03 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...

CVE-2018-14887

Improper Host header sanitization in the dbfilter routing component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows a remote attacker to deny access to the service and to disclose database names via a crafted request...

Security update for etcd

This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...

SUSE-SU-2023:3841-1 Security update for go1.19-openssl

This update for go1.19-openssl fixes the following issues: Update to version 1.19.13 bsc1200441. - CVE-2023-29409: Fixed unrestricted RSA keys in certificates bsc1213880. - CVE-2023-29406: Fixed insufficient sanitization of Host header bsc1213229. The following non-security bug was fixed: - Add...

SUSE-SU-2023:2845-1 Security update for go1.19

This update for go1.19 fixes the following issues: go was updated to version 1.19.11 bsc1200441: - CVE-2023-29406: Fixed insufficient sanitization of Host header in net/http bsc1213229...

CVE-2018-14887

Improper Host header sanitization in the dbfilter routing component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows a remote attacker to deny access to the service and to disclose database names via a crafted request...