Security Bulletin: Go Vulnerabilities affect IBM IBM Database Operator for FoundationDB (CVE-2022-27191, CVE-2021-43565)

Summary The issue has been fixed as part of Cloud Pak for Data release 4.6 Vulnerability Details CVEID:CVE-2022-27191 DESCRIPTION: Go ssh package is vulnerable to a denial of service, caused by an unspecified flaw in certain circumstances involving AddHostKey. By sending a specially-crafted...

EUVD-2025-43565

Malicious code in kurniawan-rojak10-sukiwir npm...

CVE-2025-43565

creationtimestamp| type| source ---|---|--- 2025-05-14 00:07:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lp3pehrsfy2o 2025-05-15 04:32:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16448...

Linux Distros Unpatched Vulnerability : CVE-2021-43565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 Note that...

CVE-2024-43565

Windows Network Address Translation NAT Denial of Service Vulnerability...

CVE-2024-43565

creationtimestamp| type| source ---|---|--- 2024-10-08 17:54:47+00:00| seen| https://www.thezdi.com/blog/2024/10/8/the-october-2024-security-update-review...

CVE-2024-43565 Windows Network Address Translation (NAT) Denial of Service Vulnerability

...

CVE-2024-43565 Windows Network Address Translation (NAT) Denial of Service Vulnerability

...

CVE-2024-43565

CVE-2024-43565 corresponds to a Windows NAT Denial of Service vulnerability with a CVSS v3.1 base score of 7.5 (NETWORK attack, LOW attack complexity, NO privileges, NO user interaction). The issue is tied to the Windows NAT component and is listed among multiple Microsoft Windows vulnerabilities...

CVE-2021-43565 affecting package libcontainers-common for versions less than 20210626-5

CVE-2021-43565 affecting package libcontainers-common for versions less than 20210626-5. A patched version of the package is available...

CVE-2021-43565 affecting package gh for versions less than 2.13.0-19

CVE-2021-43565 affecting package gh for versions less than 2.13.0-19. A patched version of the package is available...

CBL Mariner 2.0 Security Update: cf-cli / cri-o / gh / libcontainers-common (CVE-2021-43565)

The version of cf-cli / cri-o / gh / libcontainers-common installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-43565 advisory. - The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of...

CVE-2021-43565 affecting package cri-o for versions less than 1.22.3-5

CVE-2021-43565 affecting package cri-o for versions less than 1.22.3-5. A patched version of the package is available...

CVE-2021-43565 affecting package moby-buildx for versions less than 0.7.1-20

CVE-2021-43565 affecting package moby-buildx for versions less than 0.7.1-20. A patched version of the package is available...

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to Denial of Service via use of golang.org/x/net, x/crypto, and x/text (CVE-2022-30633, CVE-2022-27664, CVE-2022-28131, CVE-2022-41721, CVE-2021-43565, CVE-2022-27191)

Summary Golang's x/net, x/crypto and x/text are used by IBM Storage Fusion HCI for networking, cryptography and internationalization. Vulnerabilities in these libraries include Inconsistent Interpretation of HTTP Requests, Uncontrolled Recursion, and Missing Release of Resource that could lead to...

Security Bulletin: IBM Storage Fusion may be vulnerable to Denial of Service via use of golang.org/x/net, x/crypto, and x/text (CVE-2022-30633, CVE-2022-27664, CVE-2022-28131, CVE-2022-41721, CVE-2021-43565, CVE-2022-27191, CVE-2022-32149)

Summary Golang's x/net, x/crypto and x/text are used by IBM Storage Fusion for networking, cryptography and internationalization. Vulnerabilities in these libraries include Inconsistent Interpretation of HTTP Requests, Uncontrolled Recursion, and Missing Release of Resource that could lead to a...

Amazon Linux AMI : amazon-ssm-agent (ALAS-2023-1866)

The version of amazon-ssm-agent installed on the remote host is prior to 3.2.1705.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1866 advisory. 2023-10-30: CVE-2023-24540 was added to this advisory. The x/crypto/ssh package before...

Important: amazon-ssm-agent

Issue Overview: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Templates did not properly consider backticks as Javascript...

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2023-388)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-388 advisory. The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 A broken cryptographic algorithm flaw was foun...

Amazon Linux 2 : amazon-ssm-agent (ALAS-2023-2303)

The version of amazon-ssm-agent installed on the remote host is prior to 3.2.1705.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2303 advisory. 2023-10-30: CVE-2023-29409 was added to this advisory. 2023-10-30: CVE-2023-3978 was added to this advisory...