Lucene search
+L

8 matches found

OSV
OSV
added 2025/08/01 4:7 p.m.12 views

SUSE-SU-2025:02350-2 Security update for kubernetes1.28

This update for kubernetes1.28 fixes the following issues: - CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865...

6.5CVSS6.8AI score0.00478EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/07/18 4:44 p.m.4 views

Security update for kubernetes1.26

This update for kubernetes1.26 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

6.5CVSS7.2AI score0.00478EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2025/07/17 12:32 p.m.8 views

Security update for kubernetes1.28

This update for kubernetes1.28 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

6.5CVSS7.2AI score0.00478EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/07/16 2:50 p.m.4 views

Security update for kubernetes1.27

This update for kubernetes1.27 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

6.5CVSS7.2AI score0.00478EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/06/13 7:20 a.m.4 views

Security update for kubernetes1.24

This update for kubernetes1.24 fixes the following issues: CVE-2025-22872: Properly handle trailing solidus in unquoted attribute value in foreign content bsc1241865. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

6.5CVSS7.2AI score0.00478EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/29 12:0 a.m.11 views

Amazon Linux 2 : nerdctl (ALAS-2025-2863)

The version of nerdctl installed on the remote host is prior to 2.0.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2863 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a...

9.1CVSS7.3AI score0.00778EPSS
Exploits0References6
Veracode
Veracode
added 2025/04/23 4:16 p.m.6 views

Cross-site Scripting (XSS)

golang.org/x/net is vulnerable to improper parsing logic. The vulnerability is due to incorrect tag interpretation in unquoted attribute values ending with a solidus / being mistakenly marked as self-closing, especially in foreign content like or . which allows attackers to exploit content in the...

6.5CVSS6.6AI score0.00478EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2025/04/16 6:16 p.m.11 views

CVE-2025-22872

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

6.6AI score
Exploits0References5
Rows per page
Query Builder