Lucene search
K

415 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago4 views

SUSE SLES15 Security Update : apptainer (SUSE-SU-2026:2609-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2609-1 advisory. This update for apptainer fixes the following issues - CVE-2026-24137: github.com/sigstore/sigstore/pkg/tuf: legacy TUF client allows for...

10CVSS7AI score0.01557EPSS
Exploits1References46
Github Security Blog
Github Security Blog
added 6 days ago7 views

golang.org/x/crypto/ssh/agent doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS5.9AI score0.00338EPSS
Exploits0References9Affected Software1
OSV
OSV
added 6 days ago3 views

GHSA-F5WC-C3C7-36MC golang.org/x/crypto/ssh/agent doesn't drop invoking agent constraints when forwarding keys

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS5.9AI score0.00338EPSS
Exploits0References9
OSV
OSV
added 2026/06/20 6:52 a.m.2 views

SUSE-SU-2026:22226-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267109. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...

10CVSS5.9AI score0.00781EPSS
Exploits0References25
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Go Cryptography vulnerabilities (USN-8447-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8447-1 advisory. It was discovered that Go Cryptography did not properly handle SSH global request responses. ...

10CVSS6.2AI score0.005EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.5 views

SUSE SLES15 Security Update : kubevirt-1.6 (SUSE-SU-2026:2401-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2401-1 advisory. This update for kubevirt-1.6 fixes the following issues Update to version 1.6.6, fixes various go embedded security issues: -...

9.9CVSS6.8AI score0.01557EPSS
Exploits3References22
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in OpenSSH

The PKCS11 feature in ssh-agent in OpenSSH prior to version 9.3p2 has an insufficiently trustworthy search path, which can lead to remote code execution if the agent is forwarded to a system controlled by an attacker. The code located in /usr/lib is not necessarily safe for loading into ssh-agent...

9.8CVSS8AI score0.76768EPSS
Exploits10References2
OSV
OSV
added 2026/06/17 1:43 p.m.4 views

USN-8447-1 golang-go.crypto vulnerabilities

It was discovered that Go Cryptography did not properly handle SSH global request responses. A remote attacker could possibly use this issue to cause a denial of service. CVE-2026-39830 It was discovered that Go Cryptography did not properly verify user presence when using FIDO/U2F security keys...

10CVSS5.7AI score0.005EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2026/06/15 3:34 p.m.4 views

Security update for kubevirt-1.6

This update for kubevirt-1.6 fixes the following issues Update to version 1.6.6, fixes various go embedded security issues: CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents bsc1251420. CVE-2025-47913: golang.org/x/crypto/ssh/agent:...

9.9CVSS6.4AI score0.01557EPSS
Exploits3References28
OSV
OSV
added 2026/06/15 3:34 p.m.3 views

SUSE-SU-2026:2401-1 Security update for kubevirt-1.6

This update for kubevirt-1.6 fixes the following issues Update to version 1.6.6, fixes various go embedded security issues: - CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents bsc1251420. - CVE-2025-47913: golang.org/x/crypto/ssh/agent...

9.9CVSS5.2AI score0.01557EPSS
Exploits3References15
OSV
OSV
added 2026/06/15 3:34 p.m.3 views

SUSE-SU-2026:2400-1 Security update for kubevirt

This update for kubevirt fixes the following issues: Update to version 1.7.4, fixes various go embedded security issues: - CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML documents bsc1251420. - CVE-2025-47913: golang.org/x/crypto/ssh/agent:...

9.9CVSS7.8AI score0.01557EPSS
Exploits3References15
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:17 a.m.16 views

Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

...

5.3CVSS5.8AI score0.00313EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:16 a.m.15 views

Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent

...

9.1CVSS5.8AI score0.00338EPSS
Exploits0
OSV
OSV
added 2026/05/22 11:51 a.m.10 views

SUSE-SU-2026:21827-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data Data Amplification in github.com/getkin/kin-openapi/openapi3filter bsc1264762. - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client...

9.1CVSS6.7AI score0.01557EPSS
Exploits3References13
Snyk
Snyk
added 2026/05/22 5:32 a.m.8 views

Improper Check for Dropped Privileges

Overview Affected versions of this package are vulnerable to Improper Check for Dropped Privileges due to the omission of constraint extensions such as [email protected] when adding a key to a remote agent. An attacker can bypass intended key usage restrictions by forwarding ke...

9.1CVSS5.8AI score0.00338EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/22 5:32 a.m.9 views

Improper Check for Dropped Privileges

Overview Affected versions of this package are vulnerable to Improper Check for Dropped Privileges due to the omission of constraint extensions such as [email protected] when adding a key to a remote agent. An attacker can bypass intended key usage restrictions by forwarding ke...

9.1CVSS5.8AI score0.00338EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/22 2:31 a.m.12 views

CVE-2026-39832 Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

5.9AI score0.00338EPSS
Exploits0References4
CVE
CVE
added 2026/05/22 2:31 a.m.64 views

CVE-2026-39833

The CVE-2026-39833 issue affects the in-memory keyring used by golang.org/x/crypto/ssh/agent. The ConfirmBeforeUse constraint was silently accepted but not enforced by NewKeyring(), allowing keys to sign without a required confirmation prompt and without notifying the caller. The patch fixes this...

9.1CVSS5.8AI score0.0036EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/22 2:8 a.m.6 views

GO-2026-5005 Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

9.1CVSS5.8AI score0.0036EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.12 views

RockyLinux 10 : openssh (RLSA-2025:20126)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20126 advisory. openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 Tenable has extracted the preceding description block directly from the RockyLinux...

4.3CVSS6.5AI score0.00149EPSS
Exploits0References3
Rows per page
Query Builder