Lucene search
K

425 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.13 views

Azure Linux 3.0 Security Update: cert-manager / influxdb / keda / libcontainers-common / packer (CVE-2024-6104)

The version of cert-manager / influxdb / keda / libcontainers-common / packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6104 advisory. - go-retryablehttp prior to 0.7.7 did not sanitize urls...

6CVSS7.4AI score0.00358EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.13 views

Azure Linux 3.0 Security Update: packer (CVE-2025-21613)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21613 advisory. - go-git is a highly extensible git implementation library written in pure Go. An argument injection...

9.8CVSS7.7AI score0.0124EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.10 views

Azure Linux 3.0 Security Update: packer (CVE-2023-49569)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49569 advisory. - A path traversal vulnerability was discovered in go-git versions prior to v5.11. This vulnerability allows a...

9.8CVSS6.9AI score0.01523EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.16 views

Azure Linux 3.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)

The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...

5.9CVSS7.1AI score0.9378EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.14 views

Azure Linux 3.0 Security Update: packer (CVE-2025-21614)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21614 advisory. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS...

7.5CVSS7.1AI score0.00696EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.12 views

Azure Linux 3.0 Security Update: etcd / packer (CVE-2022-3064)

The version of etcd / packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3064 advisory. - Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. CVE-2022-306...

7.5CVSS6.4AI score0.017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.11 views

Azure Linux 3.0 Security Update: packer (CVE-2023-49568)

The version of packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-49568 advisory. - A denial of service DoS vulnerability was discovered in go-git versions prior to v5.11. This vulnerability...

7.5CVSS6.4AI score0.00704EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/27 12:0 a.m.17 views

CBL Mariner 2.0 Security Update: packer / terraform (CVE-2023-0475)

The version of packer / terraform installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0475 advisory. - HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 an...

6.5CVSS6.2AI score0.00454EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/01/16 3:28 a.m.8 views

CVE-2025-21614 affecting package packer for versions less than 1.9.5-5

CVE-2025-21614 affecting package packer for versions less than 1.9.5-5. A patched version of the package is available...

7.5CVSS7.7AI score0.00696EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/01/16 3:28 a.m.9 views

CVE-2025-21613 affecting package packer for versions less than 1.9.5-5

CVE-2025-21613 affecting package packer for versions less than 1.9.5-5. A patched version of the package is available...

9.8CVSS9.7AI score0.0124EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/01/16 12:0 a.m.9 views

CBL Mariner 2.0 Security Update: packer (CVE-2025-21614)

The version of packer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21614 advisory. - go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS...

7.5CVSS7.2AI score0.00696EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/16 12:0 a.m.22 views

CBL Mariner 2.0 Security Update: packer (CVE-2025-21613)

The version of packer installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21613 advisory. - go-git is a highly extensible git implementation library written in pure Go. An argument injection...

9.8CVSS7.7AI score0.0124EPSS
Exploits0References2
OSV
OSV
added 2025/01/06 5:15 p.m.6 views

AZL-55094 CVE-2025-21613 affecting package packer for versions less than 1.9.5-7

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.8 views

AZL-55060 CVE-2025-21613 affecting package packer for versions less than 1.9.5-5

go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only...

9.8CVSS6.8AI score0.0124EPSS
Exploits0References1
OSV
OSV
added 2025/01/06 5:15 p.m.5 views

AZL-55079 CVE-2025-21614 affecting package packer for versions less than 1.9.5-7

go-git is a highly extensible git implementation library written in pure Go. A denial of service DoS vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git serve...

7.5CVSS6.7AI score0.00696EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 9:15 p.m.5 views

AZL-54401 CVE-2024-45338 affecting package packer for versions less than 1.9.5-7

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

5.3CVSS6.6AI score0.00856EPSS
Exploits0References1
OSV
OSV
added 2024/12/18 9:15 p.m.7 views

AZL-54510 CVE-2024-45338 affecting package packer for versions less than 1.9.5-7

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

5.3CVSS6.6AI score0.00856EPSS
Exploits0References1
OSV
OSV
added 2024/12/12 2:2 a.m.4 views

AZL-54290 CVE-2024-45337 affecting package packer for versions less than 1.9.5-5

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
OSV
OSV
added 2024/12/12 2:2 a.m.5 views

AZL-54330 CVE-2024-45337 affecting package packer for versions less than 1.9.5-4

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

9.1CVSS6.8AI score0.03153EPSS
Exploits2References1
CBLMariner
CBLMariner
added 2024/12/05 12:57 a.m.6 views

CVE-2024-24786 affecting package packer for versions less than 1.9.5-3

CVE-2024-24786 affecting package packer for versions less than 1.9.5-3. A patched version of the package is available...

7.5CVSS6.7AI score0.01262EPSS
Exploits0
Rows per page
Query Builder