Tuesday, July 2, 2024 Security Releases
Summary The Node.js project will release new versions of the 22.x, 20.x, 18.x releases lines on or shortly after, Tuesday, July 2, 2024 in order to address: 1 high severity issues. 2 medium severity issues. 3 low severity issues. Node.js fetch will be upgraded to undici v6.19.2 on Node.js 18.x...
7AI Score
The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
6.1CVSS
EPSS
The Goya theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘attra-color’, 'attra-size', and 'product-cata' parameters in versions up to, and including, 1.0.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
6.1CVSS
6.5AI Score
EPSS
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1
CVE-2023-29406 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
6.5CVSS
7.3AI Score
0.001EPSS
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1
CVE-2023-29403 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.8CVSS
7.3AI Score
0.001EPSS
CVE-2023-29402 affecting package golang for versions less than 1.20.7-1
CVE-2023-29402 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
9.8CVSS
9.7AI Score
0.005EPSS
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1
CVE-2023-24538 affecting package golang for versions less than 1.19.8-1. A patched version of the package is...
9.8CVSS
10AI Score
0.003EPSS
CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1
CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2021-3672 affecting package pgbouncer 1.16.1-1
CVE-2021-3672 affecting package pgbouncer 1.16.1-1. No patch is available...
5.6CVSS
7AI Score
0.002EPSS
CVE-2011-1429 affecting package mutt 2.2.12-1
CVE-2011-1429 affecting package mutt 2.2.12-1. No patch is available...
6.4AI Score
0.003EPSS
CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...
5.3CVSS
7.3AI Score
0.001EPSS
CVE-2023-24540 affecting package msft-golang for versions less than 1.20.11-1
CVE-2023-24540 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...
9.8CVSS
7.3AI Score
0.003EPSS
CVE-2022-3114 affecting package kernel 5.15.158.2-1
CVE-2022-3114 affecting package kernel 5.15.158.2-1. No patch is available...
5.5CVSS
6.5AI Score
0.0004EPSS
CVE-2022-45885 affecting package kernel 5.15.158.2-1
CVE-2022-45885 affecting package kernel 5.15.158.2-1. No patch is available...
7CVSS
7.3AI Score
0.0004EPSS
CVE-2022-40133 affecting package kernel 5.15.158.2-1
CVE-2022-40133 affecting package kernel 5.15.158.2-1. No patch is available...
6.3CVSS
6.5AI Score
0.0004EPSS
CVE-2022-2961 affecting package kernel 5.15.158.2-1
CVE-2022-2961 affecting package kernel 5.15.158.2-1. No patch is available...
7CVSS
6.8AI Score
0.0004EPSS
CVE-2021-46828 affecting package libtirpc 1.3.3-1
CVE-2021-46828 affecting package libtirpc 1.3.3-1. This CVE either no longer is or was never...
7.5CVSS
9.1AI Score
0.005EPSS
CVE-2021-3847 affecting package kernel 5.15.158.2-1
CVE-2021-3847 affecting package kernel 5.15.158.2-1. No patch is available...
7.8CVSS
7.7AI Score
0.0004EPSS
CVE-2007-6353 affecting package exiv2 0.28.0-1
CVE-2007-6353 affecting package exiv2 0.28.0-1. No patch is available...
6.4AI Score
0.021EPSS
CVE-2023-24539 affecting package msft-golang for versions less than 1.20.11-1
CVE-2023-24539 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...
7.3CVSS
7.3AI Score
0.001EPSS
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1
CVE-2023-29400 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.3CVSS
7.3AI Score
0.001EPSS
CVE-2023-39533 affecting package msft-golang for versions less than 1.19.12-1
CVE-2023-39533 affecting package msft-golang for versions less than 1.19.12-1. A patched version of the package is...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29403 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...
7.8CVSS
7.3AI Score
0.001EPSS
CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29400 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...
7.3CVSS
7.3AI Score
0.001EPSS
CVE-2023-24539 affecting package golang for versions less than 1.20.7-1
CVE-2023-24539 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.3CVSS
8.9AI Score
0.001EPSS
CVE-2023-24537 affecting package msft-golang for versions less than 1.20.11-1
CVE-2023-24537 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...
7.5CVSS
7.3AI Score
0.001EPSS
CVE-2022-41725 affecting package golang for versions less than 1.19.5-1
CVE-2022-41725 affecting package golang for versions less than 1.19.5-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2022-41724 affecting package golang for versions less than 1.19.6-1
CVE-2022-41724 affecting package golang for versions less than 1.19.6-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1
CVE-2018-14040 affecting package reaper for versions less than 3.1.1-1. A patched version of the package is...
6.1CVSS
6.7AI Score
0.008EPSS
CVE-2007-1397 affecting package fish 3.6.2-1
CVE-2007-1397 affecting package fish 3.6.2-1. This CVE either no longer is or was never...
6.5AI Score
0.171EPSS
CVE-1999-0965 affecting package xterm 380-1
CVE-1999-0965 affecting package xterm 380-1. No patch is available...
6.9AI Score
0.0004EPSS
CVE-2023-24536 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-24536 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...
7.5CVSS
7.3AI Score
0.005EPSS
CVE-2007-3205 affecting package php 8.1.28-1
CVE-2007-3205 affecting package php 8.1.28-1. No patch is available...
6.7AI Score
0.065EPSS
CVE-2023-39533 affecting package golang for versions less than 1.19.12-1
CVE-2023-39533 affecting package golang for versions less than 1.19.12-1. A patched version of the package is...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1
CVE-2023-29409 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
5.3CVSS
7.3AI Score
0.001EPSS
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1
CVE-2023-29405 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
9.8CVSS
9.7AI Score
0.005EPSS
CVE-2023-24537 affecting package golang for versions less than 1.20.7-1
CVE-2023-24537 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.5CVSS
9AI Score
0.001EPSS
CVE-2022-41722 affecting package golang 1.21.11-1
CVE-2022-41722 affecting package golang 1.21.11-1. No patch is available...
7.5CVSS
8.6AI Score
0.001EPSS
CVE-2022-1941 affecting package mysql 8.0.36-1
CVE-2022-1941 affecting package mysql 8.0.36-1. No patch is available...
7.5CVSS
7.8AI Score
0.002EPSS
CVE-2023-29404 affecting package golang for versions less than 1.20.7-1
CVE-2023-29404 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
9.8CVSS
9.7AI Score
0.005EPSS
CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...
9.8CVSS
7.3AI Score
0.005EPSS
CVE-2023-24534 affecting package msft-golang for versions less than 1.20.7-1
CVE-2023-24534 affecting package msft-golang for versions less than 1.20.7-1. A patched version of the package is...
7.5CVSS
7.3AI Score
0.002EPSS
CVE-2023-24538 affecting package msft-golang for versions less than 1.20.11-1
CVE-2023-24538 affecting package msft-golang for versions less than 1.20.11-1. A patched version of the package is...
9.8CVSS
7.3AI Score
0.003EPSS
CVE-2023-24534 affecting package golang for versions less than 1.20.7-1
CVE-2023-24534 affecting package golang for versions less than 1.20.7-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.002EPSS
CVE-2022-4904 affecting package rubygem-mini_portile2 2.8.0-1
CVE-2022-4904 affecting package rubygem-mini_portile2 2.8.0-1. No patch is available...
8.6CVSS
8.9AI Score
0.001EPSS
CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1
CVE-2022-3857 affecting package libpng for versions less than 1.6.39-1. No patch is available...
5.5CVSS
5.5AI Score
0.001EPSS
CVE-2022-41724 affecting package msft-golang for versions less than 1.19.6-1
CVE-2022-41724 affecting package msft-golang for versions less than 1.19.6-1. A patched version of the package is...
7.5CVSS
9.1AI Score
0.001EPSS
CVE-2022-4543 affecting package kernel 5.15.158.2-1
CVE-2022-4543 affecting package kernel 5.15.158.2-1. No patch is available...
5.5CVSS
5.4AI Score
0.0004EPSS
CVE-2022-46456 affecting package nasm for versions less than 2.16-1
CVE-2022-46456 affecting package nasm for versions less than 2.16-1. No patch is available...
6.1CVSS
6.4AI Score
0.001EPSS
CVE-2022-38457 affecting package kernel 5.15.158.2-1
CVE-2022-38457 affecting package kernel 5.15.158.2-1. No patch is available...
6.3CVSS
6.5AI Score
0.0004EPSS