Lucene search
K

67 matches found

OSV
OSV
added 2025/10/03 7:56 p.m.8 views

RLSA-2025:7462 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144...

7.5CVSS6.5AI score0.00868EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2025/10/03 7:56 p.m.8 views

podman security update

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

8.7CVSS7AI score0.00868EPSS
Exploits0
OSV
OSV
added 2025/03/27 9:44 a.m.6 views

SUSE-SU-2025:1037-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239330...

8.7CVSS6.8AI score0.00868EPSS
Exploits0References5
OSV
OSV
added 2025/03/26 9:3 a.m.9 views

SUSE-SU-2025:1018-1 Security update for buildah

This update for buildah fixes the following issues: - CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239339...

8.7CVSS7.8AI score0.00868EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/03/25 6:12 p.m.3 views

golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh

A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange...

7.5CVSS7.1AI score0.00868EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2021-43565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 Note that...

7.5CVSS6.9AI score0.00948EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/05/29 9:39 p.m.37 views

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 director Operator container images security update

Updated container images are now available for director Operator for Red Hat OpenStack Platform 16.2 Train for RHEL 8.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7AI score0.9378EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.24 views

RHEL 7 / 8 : OpenShift Virtualization 4.11.0 RPMs (RHSA-2022:6527)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6527 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

7.5CVSS7.7AI score0.03931EPSS
Exploits0References6
Redos
Redos
added 2024/04/12 12:0 a.m.46 views

ROS-20240412-06

A vulnerability in the OpenSSL library's implementation of the SM2 cryptographic algorithm is related to buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by transmitting specially crafte...

9.8CVSS8.6AI score0.87816EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.37 views

RHCOS 4 / 9 : OpenShift Container Platform 4.13.2 (RHSA-2023:3366)

The remote Red Hat Enterprise Linux CoreOS 4 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3366 advisory. - golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 - golang: path/filepath: path-filepath filepath.Clean path...

9.8CVSS7AI score0.03931EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.31 views

Rocky Linux 8 : container-tools:rhel8 (RLSA-2021:1796)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1796 advisory. - A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause ...

7.5CVSS7.4AI score0.03228EPSS
Exploits1References37
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.4 views

SUSE CVE-2020-29652

A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers...

7.5CVSS8.5AI score0.03228EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.5 views

SUSE CVE-2021-43565

The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server...

7.5CVSS7.3AI score0.00948EPSS
Exploits0References26
Tenable Nessus
Tenable Nessus
added 2022/12/13 12:0 a.m.29 views

SUSE SLES12 Security Update : containerd (SUSE-SU-2022:4409-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4409-1 advisory. Update to containerd v1.6.12 including Docker v20.10.21-ce bsc1206065. Also includes the following fix: - CVE-2022-23471: host memo...

7.5CVSS7AI score0.03931EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2022/11/22 12:0 a.m.61 views

Oracle Linux 9 : podman (ELSA-2022-7954)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7954 advisory. 2:4.2.0-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 2:4.2.0-3 - fix dependency in test subpackage - Related:...

7.5CVSS7.3AI score0.06975EPSS
Exploits7References9
Tenable Nessus
Tenable Nessus
added 2022/11/17 12:0 a.m.66 views

Rocky Linux 8 : container-tools:4.0 (RLSA-2022:7469)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7469 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 whe...

7.8CVSS7.5AI score0.03931EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.96 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2022:7457)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7457 advisory. golang: net/http/httputil: panic due to racy read of persistConn after handler panic CVE-2021-36221 cri-o: memory exhaustion on the node when access to th...

7.8CVSS7.4AI score0.03931EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.35 views

AlmaLinux 8 : container-tools:4.0 (ALSA-2022:7469)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7469 advisory. cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 golang: crash in a golang.org/x/crypto/ssh server CVE-2022-27191 runc:...

7.8CVSS7.7AI score0.03931EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/11/09 12:0 a.m.23 views

CentOS 8 : container-tools:rhel8 (CESA-2022:7457)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7457 advisory. - golang: net/http/httputil: panic due to racy read of persistConn after handler panic CVE-2021-36221 - opencontainers: OCI manifest and index parsing...

7.8CVSS7.4AI score0.03931EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.38 views

Amazon Linux 2 : golang-github-godbus-dbus (ALAS-2022-1858)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1858 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.2AI score0.05335EPSS
Exploits7References32
Rows per page
Query Builder