Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Amazon Linux 2 : rclone, --advisory ALAS2-2026-3309 (ALAS-2026-3309)

The version of rclone installed on the remote host is prior to 1.55.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3309 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag...

7.5CVSS7.4AI score0.00813EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.17 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2026-118 (ALASECS-2026-118)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-118 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Amazon
Amazon
added 2026/05/26 12:0 a.m.25 views

Important: rclone

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.20 views

Important: oci-add-hooks

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.24 views

Important: libcap

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Rows per page
Query Builder