Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Amazon Linux 2023 : runfinch-finch (ALAS2023-2026-1741)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1741 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Amazon Linux 2 : rclone, --advisory ALAS2-2026-3309 (ALAS-2026-3309)

The version of rclone installed on the remote host is prior to 1.55.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3309 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag...

7.5CVSS7.4AI score0.00813EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.20 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1743)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1743 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS7.6AI score0.00813EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.17 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2026-118 (ALASECS-2026-118)

The version of oci-add-hooks installed on the remote host is prior to 0-0.10.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-118 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.13 views

Amazon Linux 2023 : soci-snapshotter (ALAS2023-2026-1740)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1740 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Amazon Linux 2023 : docker (ALAS2023-2026-1736)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1736 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS6AI score0.00813EPSS
Exploits0References16
Amazon
Amazon
added 2026/05/26 12:0 a.m.29 views

Important: golang

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.6AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.27 views

Important: cni-plugins

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.23 views

Important: libcap

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.20 views

Important: oci-add-hooks

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.19 views

Important: amazon-ecr-credential-helper

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.25 views

Important: rclone

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.24 views

Important: runfinch-finch

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.24 views

Important: golist

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00813EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.20 views

Important: cri-tools

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Rows per page
Query Builder