5314 matches found
DEBIAN-CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
AZL-78968 CVE-2024-24783 affecting package golang 1.25.7-1
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
AZL-37522 CVE-2024-24783 affecting package golang for versions less than 1.21.6-1
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
AZL-37320 CVE-2024-24783 affecting package golang for versions less than 1.21.6-1
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
UBUNTU-CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
CVE-2024-24783 Verify panics on certificates with an unknown public key algorithm in crypto/x509
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
CVE-2024-24783
CVE-2024-24783 is confirmed in multiple advisories tied to Go crypto/x509: certificates with an unknown public key algorithm can cause Certificate.Verify to panic in TLS verification. Affected products/areas include container-tools components (Go-based utilities such as net/http, x509 handling) a...
CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...
Uncaught Exception
Overview std/crypto/x509 is a Go standard library package std/crypto/x509 Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify ...
Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams
A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. "Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, a...
PT-2024-2139 · Debian +10 · Debian +10
Name of the Vulnerable Software and Affected Versions: crypto/tls versions affected versions not specified golang affected versions not specified Description: The issue arises when verifying a certificate chain that contains a certificate with an unknown public key algorithm, causing...
go -- multiple vulnerabilities
The Go project reports reports: crypto/x509: Verify panics on certificates with an unknown public key algorithm Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. net/http: memory exhaustion in...
CVE-2024-22463
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information...
Design/Logic Flaw
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information...
CVE-2024-22463
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information...
CVE-2024-22463
Dell PowerScale OneFS versions 8.2.x through 9.6.0.x are affected by a vulnerability described as the use of a broken or risky cryptographic algorithm, which can lead to disclosure and integrity concerns for sensitive data. The issue is triggered by the software’s cryptographic implementation rat...
PT-2024-2192 · Unknown · Usb Pratirodh
Name of the Vulnerable Software and Affected Versions: USB Pratirodh affected versions not specified Description: This issue is related to the use of a weaker cryptographic algorithm, specifically SHA1, in the user login component. A local attacker with administrative privileges could exploit thi...
ZDI-CAN-19105: Parse Server literalizeRegexPart SQL Injection
Impact This vulnerability allows SQL injection when Parse Server is configured to use the PostgreSQL database. Patches The algorithm to detect SQL injection has been improved. Workarounds None. References - https://github.com/parse-community/parse-server/security/advisories/GHSA-6927-3vr9-fxf2 -...
HCL Domino Security Vulnerability
HCL Technologies HCL Domino is an application software from HCL Technologies, Inc. It provides a platform for application development. A security vulnerability exists in HCL Domino that stems from the use of a weak hash encryption algorithm, which could allow an attacker to determine a user's...