Lucene search
+L

149 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/01 12:0 a.m.26 views

Amazon Linux 2 : amazon-ecr-credential-helper (ALASNITRO-ENCLAVES-2023-033)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.7.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2023-033 advisory. The HTTP/2 protocol allows a denial of service server resource consumption because request...

7.5CVSS7AI score0.03796EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/20 12:0 a.m.72 views

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2023-346)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-346 advisory. The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now...

6.5CVSS7AI score0.01453EPSS
Exploits0References6
Amazon
Amazon
added 2023/09/20 12:0 a.m.9 views

Important: amazon-ecr-credential-helper

Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...

6.5CVSS7.1AI score0.01453EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/08 12:0 a.m.37 views

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2023-337)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-337 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has no...

7.5CVSS6.8AI score0.04561EPSS
Exploits0References4
Amazon
Amazon
added 2023/09/07 12:0 a.m.6 views

Important: amazon-ecr-credential-helper

Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: amazon-ecr-credential-helper Issue Correction: Run dnf update amazon-ecr-credential-helper --releasever 2023.1.20230906 or dnf update --advisory ALAS2023-2023-337 --releasever 2023.1.202309...

7.5CVSS6.7AI score0.04561EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/06 12:0 a.m.25 views

Amazon Linux 2 : amazon-ecr-credential-helper (ALASDOCKER-2023-030)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.7.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2023-030 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Tenable has extracted the...

7.5CVSS6.9AI score0.04561EPSS
Exploits0References4
Amazon
Amazon
added 2023/09/06 12:0 a.m.5 views

Important: amazon-ecr-credential-helper

Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: amazon-ecr-credential-helper Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the...

7.5CVSS6.9AI score0.04561EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/06 12:0 a.m.28 views

Amazon Linux 2 : amazon-ecr-credential-helper (ALASNITRO-ENCLAVES-2023-029)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.7.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2023-029 advisory. http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Tenable has extracted th...

7.5CVSS6.9AI score0.04561EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.4 views

SUSE CVE-2020-5260

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system...

7.5CVSS9.7AI score0.10047EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2021/11/09 12:0 a.m.49 views

Ubuntu 18.04 LTS / 20.04 LTS : Docker vulnerability (USN-5134-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5134-1 advisory. An information disclosure issue was discovered in the command line interface of Docker. A misconfigured credential store could result in supplied...

7.5CVSS6.4AI score0.01536EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.40 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : git Vulnerability (NS-SA-2021-0141)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has git packages installed that are affected by a vulnerability: - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is simil...

7.5CVSS7.4AI score0.03899EPSS
Exploits0References3
NVD
NVD
added 2021/10/04 8:15 p.m.21 views

CVE-2021-41092

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json listing a credsStore or credHelpers that could not be...

7.5CVSS0.01536EPSS
Exploits0References5
Prion
Prion
added 2021/10/04 8:15 p.m.31 views

Path traversal

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json listing a credsStore or credHelpers that could not be...

5CVSS7.4AI score0.01536EPSS
Exploits0References5Affected Software2
Debian CVE
Debian CVE
added 2021/10/04 8:10 p.m.44 views

CVE-2021-41092

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json listing a credsStore or credHelpers that could not be...

7.5CVSS6.2AI score0.01536EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/09/28 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2021-2549)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.9AI score0.10047EPSS
Exploits2References2
Redos
Redos
added 2021/09/08 12:0 a.m.61 views

ROS-2-447

2.447 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

9.8CVSS7.2AI score0.10047EPSS
Exploits2
Redos
Redos
added 2021/09/08 12:0 a.m.33 views

ROS-2-640

2.640 Vulnerability in Git CVE-2020-11008, CVE-2020-5260 1. Vulnerability Description: Vulnerability in Git. The vulnerability affects the "credential.helper" handlers and is exploited when a specially crafted URL containing a newline character, an empty host, or an unspecified request scheme is...

9.3CVSS7.9AI score0.10047EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.42 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : git Multiple Vulnerabilities (NS-SA-2020-0113)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has git packages installed that are affected by multiple vulnerabilities: - An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clone...

9.3CVSS8.2AI score0.10047EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2020/12/09 12:0 a.m.29 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : git Multiple Vulnerabilities (NS-SA-2020-0075)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has git packages installed that are affected by multiple vulnerabilities: - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug...

9.3CVSS7.5AI score0.10047EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.24 views

EulerOS 2.0 SP3 : git (EulerOS-SA-2020-2111)

According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git use...

9.3CVSS7.4AI score0.10047EPSS
Exploits2References2
Rows per page
Query Builder