Lucene search
K

378 matches found

RedHat Linux
RedHat Linux
added 2024/05/22 11:47 a.m.38 views

Important: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.91969EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/05/22 9:48 a.m.5 views

golang: html/template: improper handling of special tags within script contexts

A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...

6.1CVSS7AI score0.00798EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/05/22 9:48 a.m.5 views

golang: html/template: improper handling of HTML-like comments within script contexts

A flaw was found in Golang. The html/template package did not properly handle HMTL-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This issue may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...

6.1CVSS7.1AI score0.00815EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2024/05/22 12:0 a.m.46 views

Important: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and...

7.5CVSS6.8AI score0.91969EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.47 views

Rocky Linux 9 : golang (RLSA-2024:2562)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2562 advisory. - An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining...

7.5CVSS7.4AI score0.91969EPSS
Exploits1References15
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.29 views

RHEL 9 : golang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 - Angle brackets are not...

9.2AI score0.01548EPSS
Exploits0References10
Rockylinux
Rockylinux
added 2024/05/10 2:32 p.m.50 views

golang security update

An update is available for golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

7.5CVSS7.3AI score0.91969EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/05/09 12:0 a.m.31 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1589)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward...

6.5CVSS7.1AI score0.01165EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/30 1:33 p.m.38 views

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS7.1AI score0.91969EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2024/04/30 1:33 p.m.6 views

golang: html/template: errors returned from MarshalJSON methods may break template escaping

A flaw was found in Go's html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into...

5.4CVSS7.2AI score0.00795EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/04/30 10:17 a.m.5 views

golang: html/template: improper handling of special tags within script contexts

A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of " contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped...

6.1CVSS7AI score0.00798EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2024/04/30 10:17 a.m.2 views

golang: html/template: improper handling of HTML-like comments within script contexts

A flaw was found in Golang. The html/template package did not properly handle HMTL-like "" comment tokens, nor hashbang "!" comment tokens, in contexts. This issue may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped...

6.1CVSS7.1AI score0.00815EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2024/04/30 12:0 a.m.54 views

Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 golang: net/http/cookiejar: incorrect...

7.5CVSS7.8AI score0.91969EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.36 views

RHEL 9 : toolbox (RHSA-2024:2160)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2160 advisory. Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman...

6.1CVSS7.2AI score0.01208EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.23 views

RHEL 8 / 9 : OpenShift Container Platform 4.13.2 (RHSA-2023:3366)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3366 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8CVSS7.4AI score0.03931EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.30 views

RHEL 9 : OpenShift Container Platform 4.13.8 (RHSA-2023:4459)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4459 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

7.5CVSS7.2AI score0.01888EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.40 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.2 (RHSA-2023:6840)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6840 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.4AI score0.99999EPSS
Exploits19References19
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.33 views

RHEL 8 / 9 : OpenShift Container Platform 4.13.3 (RHSA-2023:3536)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3536 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8CVSS7.2AI score0.02281EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.22 views

RHEL 8 / 9 : OpenShift Container Platform 4.12.21 (RHSA-2023:3545)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3545 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

9.8CVSS7.2AI score0.01548EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.33 views

RHEL 8 / 9 : Red Hat Service Interconnect 1.4 Release (RHSA-2023:4003)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4003 advisory. As a Kubernetes user, I cannot connect easily connect services from one cluster with services on another cluster. Red Hat Application...

9.8CVSS7.3AI score0.04561EPSS
Exploits1References30
Rows per page
Query Builder