25 matches found
AZL-35634 CVE-2024-24786 affecting package blobfuse2 for versions less than 2.3.0-1
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
AZL-35554 CVE-2024-24786 affecting package blobfuse2 for versions less than 2.1.2-7
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
CVE-2023-39325 affecting package blobfuse2 for versions less than 2.1.1-1
CVE-2023-39325 affecting package blobfuse2 for versions less than 2.1.1-1. An upgraded version of the package is available that resolves this issue...
AZL-34567 CVE-2023-39325 affecting package blobfuse2 for versions less than 2.3.0-1
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...
AZL-31608 CVE-2023-39325 affecting package blobfuse2 for versions less than 2.1.1-1
A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...