Lucene search
+L

81 matches found

OSV
OSV
added 2023/11/13 4:42 p.m.3 views

SUSE-SU-2023:4416-1 Security update for containerized-data-importer

This update for containerized-data-importer fixes the following issue: - rebuild with current go compiler...

7.2AI score
Exploits0References1
OSV
OSV
added 2023/11/13 4:42 p.m.4 views

SUSE-RU-2023:4416-1 Security update for containerized-data-importer

This update for containerized-data-importer fixes the following issue: - rebuild with current go compiler...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/13 12:0 a.m.4 views

PT-2023-36102 · Unknown · Containerized-Data-Importer

Name of the Vulnerable Software and Affected Versions: containerized-data-importer affected versions not specified Description: The issue is related to the containerized-data-importer, which has been rebuilt with the current Go compiler to fix a problem. No specific details about the issue,...

6.8AI score
Exploits0References2
OSV
OSV
added 2023/09/05 1:1 p.m.9 views

SUSE-SU-2023:3536-1 Security update for docker

This update for docker fixes the following issues: - Update to Docker 24.0.5-ce. See upstream changelong online at bsc1213229 - Update to Docker 24.0.4-ce. See upstream changelog online at . bsc1213500 - Update to Docker 24.0.3-ce. See upstream changelog online at . bsc1213120 - Recommend...

8.7CVSS7.7AI score0.02733EPSS
Exploits2References12
GithubExploit
GithubExploit
added 2023/09/04 3:25 a.m.744 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

nftables oob read/write exploit CVE-2023-35001 Exploit used...

7.8CVSS7AI score0.01508EPSS
Exploits2
GithubExploit
GithubExploit
added 2023/09/01 7:41 a.m.804 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

nftables oob read/write exploit CVE-2023-35001 Exploit used...

7.8CVSS7AI score0.01508EPSS
Exploits2
NVD
NVD
added 2023/08/08 7:15 p.m.25 views

CVE-2023-39533

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in th...

7.5CVSS7.4AI score0.01084EPSS
Exploits1References8
OSV
OSV
added 2023/08/08 7:15 p.m.8 views

AZL-27875 CVE-2023-39533 affecting package msft-golang for versions less than 1.19.12-1

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in th...

7.5CVSS7.1AI score0.01084EPSS
Exploits1References1
OSV
OSV
added 2023/08/08 7:15 p.m.7 views

AZL-37359 CVE-2023-39533 affecting package golang for versions less than 1.21.6-1

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in th...

7.5CVSS7.1AI score0.01084EPSS
Exploits1References1
OSV
OSV
added 2023/08/08 7:15 p.m.8 views

AZL-27872 CVE-2023-39533 affecting package golang for versions less than 1.19.12-1

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in th...

7.5CVSS7.1AI score0.01084EPSS
Exploits1References1
OSV
OSV
added 2023/08/08 7:15 p.m.9 views

AZL-52773 CVE-2023-39533 affecting package golang for versions less than 1.19.12-1

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in th...

7.5CVSS7.1AI score0.01084EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/08/08 6:50 p.m.25 views

CVE-2023-39533 libp2p nodes vulnerable to attack using large RSA keys

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in th...

7.5CVSS7.5AI score0.01084EPSS
Exploits1References8
OSV
OSV
added 2023/08/08 6:50 p.m.25 views

CVE-2023-39533 libp2p nodes vulnerable to attack using large RSA keys

go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in th...

7.5CVSS7.6AI score0.01084EPSS
Exploits1References10
OSV
OSV
added 2023/06/08 9:15 p.m.6 views

AZL-79012 CVE-2023-29405 affecting package golang 1.25.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.3 views

DEBIAN-CVE-2023-29404

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. The arguments for a...

9.8CVSS7.6AI score0.01837EPSS
Exploits0References1
OSV
OSV
added 2023/06/08 9:15 p.m.6 views

AZL-52827 CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

9.8CVSS7AI score0.01728EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/19 12:0 a.m.12 views

PT-2023-3869 · Go +11 · Go +11

Name of the Vulnerable Software and Affected Versions: Go versions prior to the fixed version Description: The issue is related to the incorrect handling of code generation when processing linker flags from the CgoLDFLAGS directive, allowing a remote attacker to execute arbitrary code. This can...

10CVSS7.2AI score0.99999EPSS
Exploits20References233
OSV
OSV
added 2023/05/08 11:10 a.m.6 views

SUSE-SU-2023:2125-1 Security update for containerd

This update for containerd fixes the following issues: - containerd was rebuilt with a current GO compiler, catching up to bug and security fixes provided by go. bsc1210298...

7.2AI score
Exploits0References2
OSV
OSV
added 2023/04/24 1:19 p.m.6 views

SUSE-SU-2023:1967-1 Security update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container

This update for kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container fixes the following issues: - CVE-2023-26484: Limit operator secrets permission. bsc1209359 kubevirt is also rebuilt...

8.2CVSS8.2AI score0.00611EPSS
Exploits0References4
OSV
OSV
added 2022/10/26 3:50 p.m.4 views

SUSE-SU-2022:3781-1 Security update for container-suseconnect

This update of container-suseconnect is a rebuilt of the previous sources against the current security updated go compiler...

7.2AI score
Exploits0References2
Rows per page
Query Builder