1&1 Online Storage Security Vulnerabilities

Tuesday, July 2, 2024 Security Releases

Summary The Node.js project will release new versions of the 22.x, 20.x, 18.x releases lines on or shortly after, Tuesday, July 2, 2024 in order to address: 1 high severity issues. 2 medium severity issues. 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...

CVE-2023-4017 Goya <= 1.0.8.7 - Unauthenticated Reflected Cross-Site Scripting via Multiple Parameters

The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2023-4017 Goya <= 1.0.8.7 - Unauthenticated Reflected Cross-Site Scripting via Multiple Parameters

The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2023-29406 affecting package golang for versions less than 1.20.7-1

CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-29403 affecting package golang for versions less than 1.20.7-1

CVE-2023-29403 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-29402 affecting package golang for versions less than 1.20.7-1

CVE-2023-29402 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24538 affecting package golang for versions less than 1.19.8-1

CVE-2023-24538 affecting package golang for versions less than 1.19.8-1. A patched version of the package is...

CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1

CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1. A patched version of the package is...

CVE-2021-3672 affecting package pgbouncer 1.16.1-1

CVE-2021-3672 affecting package pgbouncer 1.16.1-1. No patch is available...

CVE-2011-1429 affecting package mutt 2.2.12-1

CVE-2011-1429 affecting package mutt 2.2.12-1. No patch is available...

CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24540 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-24540 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...

CVE-2022-3114 affecting package kernel 5.15.158.2-1

CVE-2022-3114 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-45885 affecting package kernel 5.15.158.2-1

CVE-2022-45885 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-40133 affecting package kernel 5.15.158.2-1

CVE-2022-40133 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-2961 affecting package kernel 5.15.158.2-1

CVE-2022-2961 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2021-46828 affecting package libtirpc 1.3.3-1

CVE-2021-46828 affecting package libtirpc 1.3.3-1. This CVE either no longer is or was never...

CVE-2021-3847 affecting package kernel 5.15.158.2-1

CVE-2021-3847 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2007-6353 affecting package exiv2 0.28.0-1

CVE-2007-6353 affecting package exiv2 0.28.0-1. No patch is available...

CVE-2023-24539 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-24539 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...

CVE-2023-29400 affecting package golang for versions less than 1.20.7-1

CVE-2023-29400 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-39533 affecting package msft-golang for versions less than 1.19.12-1

CVE-2023-39533 affecting package msft-golang for versions less than 1.19.12-1. A patched version of the package is...

CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24539 affecting package golang for versions less than 1.20.7-1

CVE-2023-24539 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24537 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-24537 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...

CVE-2022-41725 affecting package golang for versions less than 1.19.5-1

CVE-2022-41725 affecting package golang for versions less than 1.19.5-1. A patched version of the package is...

CVE-2022-41724 affecting package golang for versions less than 1.19.6-1

CVE-2022-41724 affecting package golang for versions less than 1.19.6-1. A patched version of the package is...

CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1

CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1. A patched version of the package is...

CVE-2007-1397 affecting package fish 3.6.2-1

CVE-2007-1397 affecting package fish 3.6.2-1. This CVE either no longer is or was never...

CVE-1999-0965 affecting package xterm 380-1

CVE-1999-0965 affecting package xterm 380-1. No patch is available...

CVE-2023-24536 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-24536 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2007-3205 affecting package php 8.1.28-1

CVE-2007-3205 affecting package php 8.1.28-1. No patch is available...

CVE-2023-39533 affecting package golang for versions less than 1.19.12-1

CVE-2023-39533 affecting package golang for versions less than 1.19.12-1. A patched version of the package is...

CVE-2023-29409 affecting package golang for versions less than 1.20.7-1

CVE-2023-29409 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24537 affecting package golang for versions less than 1.20.7-1

CVE-2023-24537 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2022-41722 affecting package golang 1.21.11-1

CVE-2022-41722 affecting package golang 1.21.11-1. No patch is available...

CVE-2022-1941 affecting package mysql 8.0.36-1

CVE-2022-1941 affecting package mysql 8.0.36-1. No patch is available...

CVE-2023-29404 affecting package golang for versions less than 1.20.7-1

CVE-2023-29404 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24534 affecting package msft-golang for versions less than 1.20.7-1

CVE-2023-24534 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2023-24538 affecting package msft-golang for versions less than 1.20.11-1

CVE-2023-24538 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...

CVE-2023-24534 affecting package golang for versions less than 1.20.7-1

CVE-2023-24534 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...

CVE-2022-4904 affecting package rubygem-mini_portile2 2.8.0-1

CVE-2022-4904 affecting package rubygem-mini_portile2 2.8.0-1. No patch is available...

CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1

CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1. No patch is available...

CVE-2022-41724 affecting package msft-golang for versions less than 1.19.6-1

CVE-2022-41724 affecting package msft-golang for versions less than 1.19.6-1. A patched version of the package is...

CVE-2022-4543 affecting package kernel 5.15.158.2-1

CVE-2022-4543 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-46456 affecting package nasm for versions less than 2.16-1

CVE-2022-46456 affecting package nasm for versions less than 2.16-1. No patch is available...

CVE-2022-38457 affecting package kernel 5.15.158.2-1

CVE-2022-38457 affecting package kernel 5.15.158.2-1. No patch is available...