10 matches found
Cross site scripting
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...
CVE-2023-37905 Cross-site Scripting (XSS) in Source Mode of Editor in ckeditor-wordcount-plugin
ckeditor-wordcount-plugin is an open source WordCount Plugin for CKEditor. It has been discovered that the ckeditor-wordcount-plugin plugin for CKEditor4 is susceptible to cross-site scripting when switching to the source code mode. This issue has been addressed in version 1.17.12 of the...
SUSE CVE-2022-1962
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations...
Important: Red Hat Security Advisory: Red Hat Application Interconnect 1.0 Release (rpms)
Red Hat Application Interconnect 1.0 introduces a service network, linking TCP and HTTP services across the hybrid cloud. A service network enables communication between services running in different network locations or sites. It allows geographically distributed services to connect as if they...
Important: Red Hat Security Advisory: go-toolset and golang security and bug fix update
An update for go-toolset and golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
go-toolset and golang security and bug fix update
An update is available for golang, go-toolset. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming language tools and librarie...
RLSA-2022:5775 Important: go-toolset:rhel8 security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stac...
go-toolset:rhel8 security and bug fix update
An update is available for delve, golang, go-toolset. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming language tools and...
Important: go-toolset:rhel8 security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: compress/gzip: stack exhaustion in Reader.Read CVE-2022-30631 golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stac...
Security fix for the ALT Linux 10 package golang version 1.17.12-alt1.p10
1.17.12-alt1.p10 built July 29, 2022 Alexey Shabalin in task 304432 --- July 28, 2022 Alexey Shabalin - New version 1.17.12. - Fixes: + CVE-2022-1705 + CVE-2022-32148 + CVE-2022-30631 + CVE-2022-30633 + CVE-2022-28131 + CVE-2022-30635 + CVE-2022-30632 + CVE-2022-30630 + CVE-2022-1962...