74 matches found
buildah security update
An update is available for buildah. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The buildah package provides a tool for facilitating building OCI container...
golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to...
RockyLinux 8 : container-tools:rhel8 (RLSA-2026:35833)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:35833 advisory. github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption JWE object CVE-2026-34986...
SUSE-SU-2026:22442-1 Security update for google-guest-agent
This update for google-guest-agent fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260264. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allo...
SUSE SLES15 Security Update : amazon-ssm-agent (SUSE-SU-2026:2467-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2467-1 advisory. This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: - CVE-2025-22869: golang.org/x/crypto/ssh...
OPENSUSE-SU-2026:21120-1 Security update for mcphost
This update for mcphost fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267109. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...
Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh
...
Missing Release of Resource after Effective Lifetime
Overview golang.org/x/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime through the repeated opening of channels by an authenticated SSH client that are subsequently rejected by the server. An attacker ca...
Missing Release of Resource after Effective Lifetime
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime through the repeated opening of channels by an authenticated SSH client that are subsequently rejected by the server. An attack...
Missing Release of Resource after Effective Lifetime
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime through the handling of unsolicited global request responses, which can fill an internal buffer and block the connection's read...
Incorrect Type Conversion or Cast
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast due to an incorrectly placed cast from bytes to int in the AES-GCM packet decoder process. An attacker can cause a server-side panic by sending...
Incorrect Authorization
Overview github.com/golang/crypto/ssh is a SSH client and server Affected versions of this package are vulnerable to Incorrect Authorization due to improper enforcement of permissions in the VerifiedPublicKeyCallback process. An attacker can bypass source-address validation by passing a callback...
CVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh
An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...
CVE-2026-46595 Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh
Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped...
CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...
RHEL 9 : podman (RHSA-2026:5222)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5222 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
SUSE SLES12 Security Update : docker (SUSE-SU-2026:0772-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0772-1 advisory. - CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Tenable has...
Security update for docker
This update for docker fixes the following issues: CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...
SUSE-SU-2026:0772-1 Security update for docker
This update for docker fixes the following issues: - CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904...
Security update for docker
This update for docker fixes the following issues: CVE-2025-58181: Fixed a bug in crypto/ssh where invalidated number of mechanisms can cause unbounded memory consumption. bsc1253904 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupda...