8 matches found
OPENSUSE-SU-2026:20762-1 Security update for go1.26
This update for go1.26 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: "go tool pack" does...
CVE-2025-31483
Miniflux is a feed reader. Due to a weak Content Security Policy on the /proxy/ route, an attacker can bypass the CSP of the media proxy and execute cross-site scripting when opening external images in a new tab/window. To mitigate the vulnerability, the CSP for the media proxy has been changed...
CVE-2025-31483
The CVE-2025-31483 vulnerability affects Miniflux (a feed reader) where a weak Content Security Policy on the /proxy/* route allowed bypassing the media proxy CSP and executing cross-site scripting when external images were opened in a new tab/window. Root cause: insufficient CSP controls for the...
MAL-2024-10675 Malicious code in ax-proxy-fix (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 530cf2448f8a75d570e3dacd158740f4338e093c63aba432c8d875ca4e0219e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ax-proxy-fix (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 530cf2448f8a75d570e3dacd158740f4338e093c63aba432c8d875ca4e0219e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE-SU-2022:4597-1 Security update for curl
This update for curl fixes the following issues: - CVE-2022-43552: HTTP Proxy deny use-after-free bsc1206309. - CVE-2022-43551: Fixed HSTS bypass via IDN bsc1206308...
CVE-2021-32714
hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper's HTTP server and client code had a flaw that could trigger an integer overflow when decoding chunk sizes that are too big. This allows possible data loss, or if combined with an upstream HTTP proxy that allows chunk sizes...
HP-UX Security Patch : PHSS_27227
Virtualvault 4.5 OWS Proxy Fix %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26636; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...