Lucene search
+L

4 matches found

osv
osv
added 2026/06/25 8:47 a.m.4 views

SUSE-SU-2026:22424-1 Security update for containerd

This update for containerd fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265794. - CVE-2026-34986: github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of...

9.6CVSS6.8AI score0.00781EPSS
Exploits0References7
osv
osv
added 2026/06/18 2:30 p.m.3 views

OPENSUSE-SU-2026:21084-1 Security update for distribution

This update for distribution fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265788. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation...

10CVSS6.7AI score0.00781EPSS
Exploits1References20
mscve
mscve
added 2026/05/27 8:3 a.m.18 views

Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna

...

10CVSS5.8AI score0.00478EPSS
Exploits0
osv
osv
added 2026/05/22 3:1 p.m.3 views

CVE-2026-39821 Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode"xn--example-.com" incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References55
Rows per page
Query Builder