4 matches found
Astra Linux – Vulnerability in Golang-1.15
Avoid versions before 1.15.13 and 1.16.x, as well as those before 1.16.5, which have functions for DNS lookups that do not validate replies from DNS servers. As a result, a return value might contain an unsafe injection e.g., XSS, which does not conform to the RFC1035 format...
Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers and thus a return value may contain an unsafe injection (e.g. XSS) that does not conform to the RFC1035 format.
...
Rocky Linux 8 : grafana (RLSA-2021:4226)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4226 advisory. - The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call...
SUSE CVE-2021-33195
Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection e.g., XSS that does not conform to the RFC1035 format...