AZL-60568 CVE-2025-22872 affecting package multus for versions less than 4.0.2-8

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt (CVE-2022-32149)

The version of application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the...

Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector (CVE-2021-44716)

The version of application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-44716...

CVE-2024-45338 affecting package multus for versions less than 4.0.2-4

CVE-2024-45338 affecting package multus for versions less than 4.0.2-4. A patched version of the package is available...

CVE-2024-45338 affecting package multus for versions less than 4.0.2-7

CVE-2024-45338 affecting package multus for versions less than 4.0.2-7. A patched version of the package is available...

AZL-54452 CVE-2024-45338 affecting package multus for versions less than 4.0.2-4

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

AZL-54564 CVE-2024-45338 affecting package multus for versions less than 4.0.2-7

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

CVE-2023-45288 affecting package multus for versions less than 4.0.2-3

CVE-2023-45288 affecting package multus for versions less than 4.0.2-3. A patched version of the package is available...

CVE-2023-39325 affecting package multus for versions less than 4.0.2-3

CVE-2023-39325 affecting package multus for versions less than 4.0.2-3. A patched version of the package is available...

CVE-2023-3978 affecting package multus for versions less than 4.0.2-2

CVE-2023-3978 affecting package multus for versions less than 4.0.2-2. A patched version of the package is available...

CVE-2023-3978 affecting package multus for versions less than 4.0.2-5

CVE-2023-3978 affecting package multus for versions less than 4.0.2-5. A patched version of the package is available...

CVE-2022-32149 affecting package multus for versions less than 4.0.2-1

CVE-2022-32149 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-29526 affecting package multus for versions less than 4.0.2-1

CVE-2022-29526 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2020-28852 affecting package multus for versions less than 4.0.2-1

CVE-2020-28852 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2020-28851 affecting package multus for versions less than 4.0.2-1

CVE-2020-28851 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-21698 affecting package multus for versions less than 4.0.2-1

CVE-2022-21698 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-38561 affecting package multus for versions less than 4.0.2-1

CVE-2021-38561 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-44716 affecting package multus for versions less than 4.0.2-1

CVE-2021-44716 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-45288 affecting package multus for versions less than 4.0.2-3

CVE-2023-45288 affecting package multus for versions less than 4.0.2-3. A patched version of the package is available...

AZL-39550 CVE-2023-45288 affecting package multus for versions less than 4.0.2-3

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...