Lucene search
K

245 matches found

RedHat Linux
RedHat Linux
added 2026/04/29 7:6 p.m.6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 5:54 p.m.6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 1:32 p.m.12 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 1:13 p.m.6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 1:9 p.m.4 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 8:11 a.m.6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/29 7:37 a.m.7 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/24 2:38 a.m.8 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/23 9:39 p.m.6 views

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References8
NVD
NVD
added 2026/04/22 3:16 a.m.10 views

CVE-2026-6386

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

6.2CVSS0.00162EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2026/04/22 12:0 a.m.8 views

kernel security update

6.12.0-124.52.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

7.8CVSS6.3AI score0.00171EPSS
Exploits0
OSV
OSV
added 2026/04/16 11:36 p.m.3 views

BIT-ACTIVEMQ-2026-39304 Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger updates which causes...

7.5CVSS5.7AI score0.00896EPSS
Exploits0References6
OSV
OSV
added 2026/04/15 12:39 a.m.7 views

CLEANSTART-2026-MP87020 If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources

Multiple security vulnerabilities affect the karpenter package. If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. See references for individual vulnerability details...

9.8CVSS7.2AI score0.00728EPSS
Exploits0References11
OSV
OSV
added 2026/04/13 5:43 a.m.3 views

BIT-GOLANG-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...

7.5CVSS5.8AI score0.00621EPSS
Exploits0References100
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.11 views

PT-2026-32422

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...

7.5CVSS5.8AI score0.00621EPSS
Exploits0References6
OSV
OSV
added 2026/04/10 11:16 a.m.3 views

DEBIAN-CVE-2026-39304

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger updates which causes...

7.5CVSS5.4AI score0.00896EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31892

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ Client versions before 5.19.4, from 6.0.0 through 6.2.3 Apache ActiveMQ Broker versions before 5.19.4, from 6.0.0 through 6.2.3 Apache ActiveMQ versions before 5.19.4, from 6.0.0 through 6.2.3 Description A denial of service...

7.5CVSS5.8AI score0.00896EPSS
Exploits0References35
SUSE CVE
SUSE CVE
added 2026/04/08 11:25 p.m.10 views

SUSE CVE-2026-32283

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...

5.9CVSS5.8AI score0.00621EPSS
Exploits0References44
EUVD
EUVD
added 2026/04/08 3:32 a.m.4 views

EUVD-2026-20014

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...

5.9AI score0.00621EPSS
Exploits0References5
OSV
OSV
added 2026/04/08 2:16 a.m.3 views

DEBIAN-CVE-2026-32283

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3...

7.5CVSS5.3AI score0.00621EPSS
Exploits0References1
Rows per page
Query Builder