MiracleLinux 8 : go-toolset:rhel8 (AXSA:2024-8389:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8389:01 advisory. golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS CVE-2023-45288 golang: net/http/cookiejar: incorrect forwarding of...

RLSA-2025:10672 Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 For more details about the security issues, including the impact, a CVSS score,...

The vulnerabilities of the net/http and mime/multipart libraries used in the GoLang-based application software of the PPEO “Avora Center” allow attackers to perform a type of attack known as “denial-of-service attack”.

The vulnerability of the net/http and mime/multipart libraries used in the GoLang-based application software for the PPEO “Avora Center” involves uncontrolled resource consumption under certain input conditions. Exploiting this vulnerability could allow a remote attacker to execute a type of atta...