Lucene search
K

102 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.9 views

MiracleLinux 8 : go-toolset:rhel8 delve-1.8.3-1.module+el8+1585+5d99e9d3, golang-1.18.9-1.module+el8+1585+5d99e9d3, go-toolset-1.18.9-1.module+el8+1585+5d99e9d3 (AXSA:2023-4877:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4877:01 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

7.5CVSS7.7AI score0.01544EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : cockpit-composer-45-1.el8, osbuild-composer-75-1.el8.ML.1, osbuild-81-1.el8.ML.1, weldr-client-35.9-2.el8 (AXSA:2023-6087:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6087:04 advisory. golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward...

7.5CVSS7.8AI score0.05623EPSS
Exploits1References6
CBLMariner
CBLMariner
added 2025/10/28 9:13 p.m.4 views

CVE-2022-2879 affecting package buildah for versions less than 1.41.4-2

CVE-2022-2879 affecting package buildah for versions less than 1.41.4-2. An upgraded version of the package is available that resolves this issue...

7.5CVSS6.9AI score0.01544EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/10/28 9:13 p.m.4 views

CVE-2022-2879 affecting package podman for versions less than 5.6.1-2

CVE-2022-2879 affecting package podman for versions less than 5.6.1-2. An upgraded version of the package is available that resolves this issue...

7.5CVSS6.9AI score0.01544EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 3: osbuild (TSSA-2023:0105)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0105 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6.9AI score0.05623EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 3: cockpit-composer (TSSA-2023:0135)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0135 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6.9AI score0.05623EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 3: ostree (TSSA-2023:0103)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0103 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.2CVSS7.2AI score0.02513EPSS
Exploits7References16
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.19 views

Alibaba Cloud Linux 3 : 0101: container-tools:rhel8 (ALINUX3-SA-2024:0101)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0101 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-25091: urllib3 before 1.24.2 does...

8.6CVSS7.6AI score0.9378EPSS
Exploits7References20
OSV
OSV
added 2025/05/07 7:11 p.m.11 views

RLSA-2024:0121 Moderate: container-tools:4.0 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: archive/tar: unbounded memory consumption when reading headers CVE-2022-2879 golang: net/http/httputil: ReverseProxy should not forward unparseable query...

7.5CVSS7.2AI score0.02513EPSS
Exploits1References10
Amazon
Amazon
added 2025/04/29 12:0 a.m.5 views

Medium: runc

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Amazon
Amazon
added 2025/04/29 12:0 a.m.7 views

Medium: docker

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/29 12:0 a.m.11 views

Amazon Linux 2 : containerd (ALASECS-2025-060)

The version of containerd installed on the remote host is prior to 1.6.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-060 advisory. Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read ...

7.5CVSS7AI score0.01544EPSS
Exploits0References6
Amazon
Amazon
added 2025/04/29 12:0 a.m.8 views

Medium: docker

Issue Overview: Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics. After fix, Reader.Read limits the maximum size of header blocks to 1 MiB...

7.5CVSS6.8AI score0.01544EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/04 9:17 p.m.25 views

Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to multiple software weaknesses due to Golang

Summary Golang Go is vulnerable to a denial of service, which could allow a remote attacker to conduct query parameter smuggling and could allow a local attacker to execute arbitrary code on the system. Golang is used by IBM Storage Fusion Data Foundation as a core part of operators. This bulleti...

9.8CVSS9.4AI score0.1593EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-2879

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory,...

7.5CVSS6.7AI score0.01544EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.11 views

Azure Linux 3.0 Security Update: golang / ig / moby-engine / skopeo (CVE-2022-2879)

The version of golang / ig / moby-engine / skopeo installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2879 advisory. - Reader.Read does not set a limit on the maximum size of file headers. A malicious...

7.5CVSS6.9AI score0.01544EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.18 views

CVE-2022-2879 affecting package golang 1.17.13-2

CVE-2022-2879 affecting package golang 1.17.13-2. No patch is available currently...

7.5CVSS9.1AI score0.01544EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/08/14 8:43 p.m.20 views

CVE-2022-2879 affecting package moby-engine for versions less than 25.0.3-3

CVE-2022-2879 affecting package moby-engine for versions less than 25.0.3-3. A patched version of the package is available...

7.5CVSS7.8AI score0.01544EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/08/14 8:43 p.m.14 views

CVE-2022-2879 affecting package skopeo for versions less than 1.14.4-1

CVE-2022-2879 affecting package skopeo for versions less than 1.14.4-1. A patched version of the package is available...

7.5CVSS7.8AI score0.01544EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/07/23 2:21 a.m.16 views

CVE-2022-2879 affecting package libcontainers-common for versions less than 20240213-2

CVE-2022-2879 affecting package libcontainers-common for versions less than 20240213-2. A patched version of the package is available...

7.5CVSS7.8AI score0.01544EPSS
Exploits0
Rows per page
Query Builder