Lucene search
+L

50 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Azure Linux 3.0 Security Update: packer (CVE-2023-49569)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49569 advisory. - A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows a...

9.8CVSS6.9AI score0.01523EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.14 views

Azure Linux 3.0 Security Update: cert-manager / influxdb / keda / libcontainers-common / packer (CVE-2024-6104)

The version of cert-manager / influxdb / keda / libcontainers-common / packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6104 advisory. - go-retryablehttp prior to 0.7.7 did not sanitize urls...

6CVSS7.4AI score0.00358EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.14 views

Azure Linux 3.0 Security Update: packer (CVE-2025-21614)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21614 advisory. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS...

7.5CVSS7.1AI score0.00708EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.12 views

Azure Linux 3.0 Security Update: packer (CVE-2023-49568)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49568 advisory. - A denial of service DoS vulnerability was discovered in go-git versions prior to v5.11. This vulnerability...

7.5CVSS6.4AI score0.00704EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/01/16 3:28 a.m.8 views

CVE-2025-21614 affecting package packer for versions less than 1.9.5-5

CVE-2025-21614 affecting package packer for versions less than 1.9.5-5. A patched version of the package is available...

7.5CVSS7.7AI score0.00708EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/01/16 12:0 a.m.22 views

CBL Mariner 2.0 Security Update: packer (CVE-2025-21613)

The version of packer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21613 advisory. - go-git is a highly extensible git implementation library written in pure Go. An argument injection...

9.8CVSS7.7AI score0.01261EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/16 12:0 a.m.10 views

CBL Mariner 2.0 Security Update: packer (CVE-2025-21614)

The version of packer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21614 advisory. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS...

7.5CVSS7.2AI score0.00708EPSS
Exploits0References2
OSV
OSV
added 2025/01/06 5:15 p.m.7 views

AZL-55094 CVE-2025-21613 affecting package packer for versions less than 1.9.5-7

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.01261EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 2:2 a.m.6 views

AZL-54330 CVE-2024-45337 affecting package packer for versions less than 1.9.5-4

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.6 views

AZL-54290 CVE-2024-45337 affecting package packer for versions less than 1.9.5-5

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
CBLMariner
CBLMariner
added 2024/12/05 12:57 a.m.7 views

CVE-2024-24786 affecting package packer for versions less than 1.9.5-3

CVE-2024-24786 affecting package packer for versions less than 1.9.5-3. A patched version of the package is available...

7.5CVSS6.7AI score0.01262EPSS
Exploits0
OSV
OSV
added 2024/11/04 10:15 p.m.7 views

AZL-52233 CVE-2024-51744 affecting package packer for versions less than 1.9.5-12

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

3.1CVSS6.5AI score0.00521EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2024/07/18 4:30 p.m.8 views

CVE-2025-21614 affecting package packer for versions less than 1.9.5-7

CVE-2025-21614 affecting package packer for versions less than 1.9.5-7. An upgraded version of the package is available that resolves this issue...

7.5CVSS6.9AI score0.00708EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/07/18 4:30 p.m.12 views

CVE-2024-45338 affecting package packer for versions less than 1.9.5-6

CVE-2024-45338 affecting package packer for versions less than 1.9.5-6. A patched version of the package is available...

5.3CVSS5.6AI score0.00874EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/07/18 4:30 p.m.8 views

CVE-2024-24786 affecting package packer for versions less than 1.9.5-4

CVE-2024-24786 affecting package packer for versions less than 1.9.5-4. A patched version of the package is available...

7.5CVSS7AI score0.01262EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/07/18 4:30 p.m.5 views

CVE-2025-11065 affecting package packer for versions less than 1.9.5-18

CVE-2025-11065 affecting package packer for versions less than 1.9.5-18. A patched version of the package is available...

5.3CVSS5.9AI score0.00357EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/07/18 4:30 p.m.3 views

CVE-2025-47911 affecting package packer for versions less than 1.9.5-18

CVE-2025-47911 affecting package packer for versions less than 1.9.5-18. A patched version of the package is available...

5.3CVSS5.9AI score0.00502EPSS
Exploits0
OSV
OSV
added 2024/06/24 5:15 p.m.7 views

AZL-42943 CVE-2024-6104 affecting package packer for versions less than 1.9.5-2

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7...

5.5CVSS6.6AI score0.00358EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/02 12:0 a.m.5 views

UPX 安全漏洞

UPX is a free, secure, portable, scalable, high-performance executable shelling program for multiple executable formats. A security vulnerability exists in UPX version 4.2.2 and prior versions that stems from the presence of a heap-based buffer overflow issue...

9.8CVSS5.7AI score0.01223EPSS
Exploits1References6
OSV
OSV
added 2024/03/09 1:15 a.m.10 views

AZL-35901 CVE-2024-28180 affecting package packer for versions less than 1.9.5-6

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if t...

4.3CVSS6.4AI score0.01956EPSS
Exploits0References1
Rows per page
Query Builder