CVE-2026-48126

Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain or --letsencrypt, which silently turns on --domain at engine/flags.go:372, the request handler resolves the served directory by joining the configured --dir with the value of the...

EUVD-2026-31881

Algernon is a small self-contained pure-Go web server. Prior to 1.17.8, when algernon is started with --domain or --letsencrypt, which silently turns on --domain at engine/flags.go:372, the request handler resolves the served directory by joining the configured --dir with the value of the...

rsfiles!

Extension: RSFiles! Version: Old 1.17.7 / New 1.17.8 Update details: Versions affected 1.16.3 through 1.17.7. Allows unauthenticated remote attackers to deny access to service via search component. Fixed in 1.17.8 Update URL:...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack though incorrect handling of the OCI hook createContainer during container initialization when update-ldcache is used. An attacker can modify data or disrupt service by supplying a specially crafted container image that...

Critical: nvidia-container-toolkit

Issue Overview: NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data...

CVE-2021-41772 affecting package golang for versions less than 1.17.8-1

CVE-2021-41772 affecting package golang for versions less than 1.17.8-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-44716 affecting package golang for versions less than 1.17.8-1

CVE-2021-44716 affecting package golang for versions less than 1.17.8-1. An upgraded version of the package is available that resolves this issue...

SUSE-SU-2022:1167-1 Security update for go1.17

This update for go1.17 fixes the following issues: Update to version 1.17.8 bsc1190649: - CVE-2022-24921: Fixed a potential denial of service via large regular expressions bsc1196732. Non-security fixes: - Fixed an issue with v2 modules go51332. - Fixed an issue when building source in riscv64...

Security fix for the ALT Linux 10 package golang version 1.17.8-alt1

March 4, 2022 Alexey Shabalin 1.17.8-alt1 - New version 1.17.8 Fixes: CVE-2022-24921...

AZL-8513 CVE-2022-23773 affecting package golang for versions less than 1.17.8-1

cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret branch names that falsely appear to be version tags. This can lead to incorrect access control if an actor is supposed to be able to create branches but not tags...

Low: Red Hat Bug Fix Advisory: Red Hat OpenShift Jaeger 1.17.8 Operator/Operand Containers

Red Hat OpenShift Jaeger 1.17.8. Release of Red Hat OpenShift Jaeger provides these changes:...

WordPress onesignal-free-web-push-notifications plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. onesignal-free-web-push-notifications is a plugin used to push notifications to site visitors. A cross-site scripting vulnerability...

Debian Security Advisory DSA 095-1 (gpm)

The remote host is missing an update to gpm announced via advisory DSA 095-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...