4 matches found
Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2024-629)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-629 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing...
Rocky Linux 9 : git-lfs (RLSA-2024:2724)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2724 advisory. - An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining...
JSS: OCSP policy "Leaf and Chain" implicitly trusts the root certificate
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle...
Mandriva Update for gnutls MDVSA-2008:227 (gnutls)
Check for the Version of gnutls OpenVAS Vulnerability Test Mandriva Update for gnutls MDVSA-2008:227 gnutls Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...