50 matches found
CVE-2026-39835 affecting package packer for versions less than 1.9.5-14
CVE-2026-39835 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-46597 affecting package packer for versions less than 1.9.5-14
CVE-2026-46597 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2026-39828 affecting package packer for versions less than 1.9.5-14
CVE-2026-39828 affecting package packer for versions less than 1.9.5-14. A patched version of the package is available...
CVE-2025-47911 affecting package packer for versions less than 1.9.5-13
CVE-2025-47911 affecting package packer for versions less than 1.9.5-13. A patched version of the package is available...
CVE-2025-58190 affecting package packer for versions less than 1.9.5-13
CVE-2025-58190 affecting package packer for versions less than 1.9.5-13. A patched version of the package is available...
AZL-70325 CVE-2025-47913 affecting package packer for versions less than 1.9.5-16
SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process...
EUVD-2011-4062
Malware in sbrugna...
CVE-2025-22872 affecting package packer for versions less than 1.9.5-13
CVE-2025-22872 affecting package packer for versions less than 1.9.5-13. A patched version of the package is available...
Azure Linux 3.0 Security Update: azcopy / git-lfs / golang / influxdb / keda (CVE-2025-22870)
The version of azcopy / git-lfs / golang / influxdb / keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22870 advisory. - Matching of hosts against proxy patterns can improperly treat an IPv6...
CVE-2025-22870 affecting package packer for versions less than 1.9.5-11
CVE-2025-22870 affecting package packer for versions less than 1.9.5-11. A patched version of the package is available...
CVE-2024-51744 affecting package packer for versions less than 1.9.5-11
CVE-2024-51744 affecting package packer for versions less than 1.9.5-11. A patched version of the package is available...
AZL-59242 CVE-2025-30204 affecting package packer for versions less than 1.9.5-12
golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...
AZL-58396 CVE-2025-22870 affecting package packer for versions less than 1.9.5-12
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...
AZL-58469 CVE-2025-22870 affecting package packer for versions less than 1.9.5-9
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...
CVE-2025-22869 affecting package packer for versions less than 1.9.5-10
CVE-2025-22869 affecting package packer for versions less than 1.9.5-10. A patched version of the package is available...
CVE-2025-22868 affecting package packer for versions less than 1.9.5-10
CVE-2025-22868 affecting package packer for versions less than 1.9.5-10. A patched version of the package is available...
CVE-2025-27144 affecting package packer for versions less than 1.9.5-9
CVE-2025-27144 affecting package packer for versions less than 1.9.5-9. A patched version of the package is available...
AZL-57422 CVE-2025-22868 affecting package packer for versions less than 1.9.5-10
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...
AZL-57393 CVE-2025-22869 affecting package packer for versions less than 1.9.5-6
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
Azure Linux 3.0 Security Update: packer (CVE-2023-49568)
The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49568 advisory. - A denial of service DoS vulnerability was discovered in go-git versions prior to v5.11. This vulnerability...