4 matches found
govulncheck-vulndb-0.0.20241119T173509-1.1 on GA media (moderate)
govulncheck-vulndb-0.0.20241119T173509-1.1 on GA media Announcement ID: openSUSE-SU-2024:14513-1 Rating: moderate Cross-References: CVE-2020-8911 CVE-2023-0109 CVE-2024-0793 CVE-2024-24425 CVE-2024-24426 CVE-2024-44625 CVE-2024-52010 CVE-2024-52308 CVE-2024-52522 CVE-2024-9526 CVSS scores:...
CVE-2020-8911 vulnerabilities
Vulnerabilities for packages: elastic-agent, cluster-autoscaler-fips, grafana-fips, vault-fips, kots, cloud-sql-proxy, consul, loki, harbor, k3d, terraform, consul-fips, opentelemetry-collector-k8s, zot, prometheus, tigera-operator, vault, elastic-agent-fips, commercial-grafana, mattermost,...
CVE-2020-8911 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, kube-arangodb, opentelemetry-collector, argo-cd, external-secrets-operator, grafana, mattermost, k3d, loki, zot, gatekeeper, cluster-autoscaler, kots...
CVE-2020-8911
CVE-2020-8911 describes a padding oracle in the AWS S3 Crypto SDK for Go (older GoLang S3 encryption client). The vulnerability arises because AES-CBC encryption was used without a MAC, enabling an attacker with write access to the target S3 bucket to observe decryption outcomes and reconstruct p...