Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 2026/07/01 6:46 p.m.11 views

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.6CVSS7.6AI score0.00939EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2 : soci-snapshotter, --advisory ALAS2DOCKER-2026-131 (ALASDOCKER-2026-131)

The version of soci-snapshotter installed on the remote host is prior to 0.14.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-131 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-2568...

9.6CVSS7AI score0.00939EPSS
Exploits0References20
OSV
OSV
added 2026/06/17 8:36 a.m.2 views

SUSE-SU-2026:22155-1 Security update for go1.25

This update for go1.25 fixes the following issues Update to go1.25.11 bsc1244485: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.9AI score0.00939EPSS
Exploits0References10
OSV
OSV
added 2026/06/17 8:36 a.m.3 views

SUSE-SU-2026:22154-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.9AI score0.00939EPSS
Exploits0References10
SUSE Linux
SUSE Linux
added 2026/06/09 7:6 p.m.9 views

Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. CVE-2026-42507: net/textproto: arbitrary input are includ...

6.9CVSS5.7AI score0.00939EPSS
Exploits0References14
OSV
OSV
added 2026/06/09 7:6 p.m.7 views

SUSE-SU-2026:2327-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.7AI score0.00939EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 2:30 p.m.4 views

CLEANSTART-2026-BP69037 Security fixes for CVE-2026-27145, CVE-2026-39824, CVE-2026-42504, CVE-2026-42507 applied in versions: 1.0.10-r4, 1.0.10-r5

Multiple security vulnerabilities affect the wait-for-port package. These issues are resolved in later releases. See references for individual vulnerability details...

7.5CVSS5.9AI score0.00939EPSS
Exploits0References9
NVD
NVD
added 2026/06/02 11:16 p.m.16 views

CVE-2026-27145

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

7.5CVSS0.00939EPSS
Exploits0References15
Rows per page
Query Builder