10 matches found
GHSA-4GPH-2HHR-5MWG Envoy AI Proxy - MCP Message Smuggling Vulnerability
Envoy AI Gateway was found to be affected by a protocol parser differential vulnerability due to improper implementation of the JSON-RPC 2.0 specification. Such a differential causes an MCP message alteration, potentially causing a bypass of security controls in a multi-layered architecture. Accordi...
Envoy AI Proxy - MCP Message Smuggling Vulnerability
Envoy AI Gateway was found to be affected by a protocol parser differential vulnerability due to improper implementation of the JSON-RPC 2.0 specification. Such a differential causes an MCP message alteration, potentially causing a bypass of security controls in a multi-layered architecture. Accordi...
openSUSE 16 Security Update : containerized-data-importer (openSUSE-SU-2026:20279-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20279-1 advisory. Update to version 1.64.0. Security issues fixed: - CVE-2024-28180: improper handling of highly compressed data (bsc#1235204). - CVE-2024-45338:...
EUVD-2026-8792
MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity...
OPENSUSE-SU-2026:20279-1 Security update for containerized-data-importer
This update for containerized-data-importer fixes the following issues: Update to version 1.64.0. Security issues fixed: - CVE-2024-28180: improper handling of highly compressed data (bsc#1235204). - CVE-2024-45338: denial of service due to non-linear parsing of case-insensitive content (bsc#1235365). ...
MCP Go SDK Security Vulnerability
MCP Go SDK is an open-source development toolkit for the Model Context Protocol. Versions of the MCP Go SDK prior to 1.3.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of case-insensitive JSON key matching during the parsing of JSON-RPC and MCP protocol messages,...
Security update for apptainer
This update for apptainer fixes the following issues: CVE-2025-27144: Fixed Denial of Service in Go JOSE's Parsing (bsc#1237679). CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-insensitive content (bsc#1234794). CVE-2024-45337: Fixed Misuse of ServerConfig.PublicKeyCallback m...
Important: Red Hat Security Advisory: RHODF-4.14-RHEL-9 security update
Updated images are now available for RHODF-4.14-RHEL-9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...
Security update for helm
This update for helm fixes the following issues: Update to version 3.17.1: CVE-2024-45338: Fixed denial of service due to non-linear parsing of case-insensitive content (bsc#1235318). CVE-2024-45337: Fixed misuse of ServerConfig.PublicKeyCallback to prevent authorization bypass in golang.org/x/crypt...
Important: Red Hat Security Advisory: OpenShift Virtualization 4.17.3 Images
Red Hat OpenShift Virtualization release 4.17.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which...