Lucene search
+L

9 matches found

Cvelist
Cvelist
added yesterday20 views

CVE-2026-48978 oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens

oras-go is a Go library for managing OCI artifacts. Prior to 2.6.1, auth.Client follows the realm URL from a registry's WWW-Authenticate: Bearer challenge without validating the scheme or host, allowing a malicious or compromised registry to cause SSRF to internal networks such as...

2.1CVSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/02/24 12:0 a.m.30 views

Fedora: Security Advisory for golang-oras-2 (FEDORA-2023-c9b2182a4e)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8.7AI score0.00818EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/02/24 12:0 a.m.21 views

Fedora: Security Advisory for golang-oras-1 (FEDORA-2023-c9b2182a4e)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.7AI score0.05623EPSS
Exploits1References2
Fedora
Fedora
added 2023/02/23 1:26 a.m.38 views

[SECURITY] Fedora 36 Update: golang-oras-1-1.2.1-1.fc36

ORAS Go library...

9.3CVSS8.1AI score0.05623EPSS
Exploits1
Fedora
Fedora
added 2023/02/23 12:45 a.m.37 views

[SECURITY] Fedora 38 Update: golang-oras-1-1.2.1-1.fc38

ORAS Go library...

9.3CVSS8.1AI score0.05623EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.24 views

Fedora: Security Advisory for golang-oras-1 (FEDORA-2023-4e2068ba5d)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8.7AI score0.00818EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.23 views

Fedora: Security Advisory for golang-oras-2 (FEDORA-2023-4e2068ba5d)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8.7AI score0.00818EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.27 views

Fedora: Security Advisory for golang-oras-2 (FEDORA-2023-6550d9323b)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.7AI score
Exploits0References2
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.20 views

Fedora: Security Advisory for golang-oras-1 (FEDORA-2023-6550d9323b)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8.7AI score0.00818EPSS
Exploits0References2
Rows per page
Query Builder