[SECURITY] Fedora 43 Update: golangci-lint-2.7.1-1.fc43

Fast linters runner for Go...

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.

...

CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

PostCSS line return parsing error

An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets CSS. There may be \r discrepancies, as demonstrated by @font-face font:\r/; in a rule. This vulnerability affects linters using PostCSS to parse external untrusted CSS. An...

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

Code injection

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

CVE-2023-44270

CVE-2023-44270 : PostCSS before 8.4.31 has a vulnerability where CSS that is parsed from external untrusted CSS can cause parts of the CSS to be treated as comments and then end up in the PostCSS output as valid CSS nodes (rules/properties). This can occur when linters rely on PostCSS for parsing...

Ruby on Rails: Incorrect handling of certain characters passed to the redirection functionality in Rails can lead to a single-click XSS vulnerability.

An incorrect handling of certain characters passed to the redirection functionality in Rails could lead to a single-click XSS vulnerability. This vulnerability allowed an attacker to control the href attribute in the HTML response and serve an XSS payload by preventing the redirect. The...

Fedora: Security Advisory for golang-honnef-tools (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 35 Update: golang-honnef-tools-2021.1-2.fc35

honnef.co/go/tools/... is a collection of tools and libraries for working with Go code, including linters and static analysis, most prominently staticcheck...

Fedora: Security Advisory for golang-honnef-tools (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-honnef-tools-2021.1.2-2.20220304git852a31a.fc36

honnef.co/go/tools/... is a collection of tools and libraries for working with Go code, including linters and static analysis, most prominently staticcheck...

MAL-2022-3342 Malicious code in geoadv-linters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e3a595aba5cbc4287b07b5efd9767635b6577ee79238a837de3b7971dd09b54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in geoadv-linters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e3a595aba5cbc4287b07b5efd9767635b6577ee79238a837de3b7971dd09b54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...