Lucene search
K

209 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.12 views

RockyLinux 10 : gvisor-tap-vsock (RLSA-2025:9151)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9151 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly...

9.1CVSS7.1AI score0.00778EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.9 views

RockyLinux 10 : grafana (RLSA-2025:8666)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:8666 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly...

9.1CVSS7.1AI score0.00778EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.3 views

RockyLinux 10 : git-lfs (RLSA-2025:9063)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9063 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly...

9.1CVSS7.1AI score0.00778EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.1 views

RockyLinux 9 : skopeo (RLSA-2025:9145)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9145 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fr...

9.1CVSS7.1AI score0.00778EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29516

Malicious code in bioql PyPI...

6.6AI score
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-11855

Malicious code in bioql PyPI...

9.1CVSS7.6AI score0.00778EPSS
Exploits0References6
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.9 views

opentelemetry-collector security update

An update is available for opentelemetry-collector. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Collector with the supported components for a Rocky Enterpri...

9.1CVSS7.8AI score0.00778EPSS
Exploits0
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.5 views

golang security update

An update is available for golang. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The golang packages provide the Go programming language compiler. Security...

9.1CVSS7AI score0.00778EPSS
Exploits0
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.5 views

delve security update

An update is available for delve. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Delve is a debugger for the Go programming language. The goal of the project i...

9.1CVSS7AI score0.00778EPSS
Exploits0
OSV
OSV
added 2025/10/03 7:56 p.m.11 views

RLSA-2025:9148 Moderate: buildah security update

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a...

5.4CVSS7.6AI score0.00778EPSS
Exploits0References2
OSV
OSV
added 2025/10/03 7:56 p.m.13 views

RLSA-2025:8477 Moderate: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

5.4CVSS7.5AI score0.00778EPSS
Exploits0References2
OSV
OSV
added 2025/09/19 1:13 p.m.3 views

OESA-2025-2309 golang security update

. Security Fixes: The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.CVE-2025-22871...

9.1CVSS6.9AI score0.00778EPSS
Exploits0References2
OSV
OSV
added 2025/09/19 1:13 p.m.9 views

OESA-2025-2308 golang security update

. Security Fixes: The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.CVE-2025-22871...

9.1CVSS6.9AI score0.00778EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2025-2125)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a...

9.1CVSS7AI score0.00778EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/09/10 12:0 a.m.2 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2025-2126)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.7AI score0.00778EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

EulerOS 2.0 SP9 : golang (EulerOS-SA-2025-2126)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a...

9.1CVSS7AI score0.00778EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/09/09 3:23 p.m.7 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00778EPSS
Exploits0References8
OSV
OSV
added 2025/09/08 2:13 p.m.4 views

GO-2025-3925 Versity panic induced by AWS chunked data sent to port in github.com/versity/versitygw

Versity panic induced by AWS chunked data sent to port in github.com/versity/versitygw...

7AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.5 views

PT-2025-36649

Versity panic induced by AWS chunked data sent to port in github.com/versity/versitygw...

6.9AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/09/02 6:36 p.m.11 views

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed LF instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling—where an attacker tricks the system to se...

9.1CVSS7.1AI score0.00778EPSS
Exploits0References8
Rows per page
Query Builder