4 matches found
Amazon Linux 2023 : git-lfs (ALAS2023-2026-1722)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1722 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value refresh. A new GODEBU...
Important: containerd
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
Important: oci-add-hooks
Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...
CLSA-2025-1745585192 ruby: Fix of 3 CVEs
CVE-2025-27219: fix a potential Denial of Service DoS vulnerability in cookie parsing - CVE-2025-27220: fix ReDoS vulnerability exists in the escapeElement method - CVE-2025-27221: fix he URI handling methods URI.join, URImerge, URI+...