719 matches found
RockyLinux 10 : yggdrasil (RLSA-2026:5146)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:5146 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion i...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
Important: Red Hat Security Advisory: Satellite 6.18.4 Async Update
A new release is now available for Red Hat Satellite 6.18 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.3
Red Hat OpenShift Service Mesh 3.2.3 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.2....
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.9
Red Hat OpenShift Service Mesh 3.0.9 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.0....
Alibaba Cloud Linux 3 : 0060: container-tools (ALINUX3-SA-2026:0060)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0060 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-61726: The net/url package does n...
OESA-2026-1700 golang security update
The Go Programming Language. Security Fixes: The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large...
AlmaLinux 10 : yggdrasil (ALSA-2026:5146)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5146 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...
Important: Red Hat Security Advisory: yggdrasil security update
An update for yggdrasil is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Important: Red Hat Security Advisory: Kiali 1.73.28 for Red Hat OpenShift Service Mesh 2.6
Kiali 1.73.28 for Red Hat OpenShift Service Mesh 2.6 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Kiali 1.73.28, for...
Important: Red Hat Security Advisory: Kiali 2.11.8 for Red Hat OpenShift Service Mesh 3.1
Kiali 2.11.8 for Red Hat OpenShift Service Mesh 3.1 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Kiali 2.11.8, for Re...
Important: Red Hat Security Advisory: Kiali 2.4.14 for Red Hat OpenShift Service Mesh 3.0
Kiali 2.4.14 for Red Hat OpenShift Service Mesh 3.0 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Kiali 2.4.14, for Re...
RHEL 9 : rhc (RHSA-2026:5077)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5077 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...
RHEL 10 : yggdrasil (RHSA-2026:5146)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5146 advisory. yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child...
ALSA-2026:5146 Important: yggdrasil security update
yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child "worker" process, exchanging data with its worker processes through a D-Bus message broker. Security Fixes: crypto/x509: golang: Denial of Service due to...
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...