11 matches found
Azure Linux 3.0 Security Update: coredns (CVE-2024-22189)
The version of coredns installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22189 advisory. - quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its...
openSUSE 15 Security Update : coredns (openSUSE-SU-2024:0319-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0319-1 advisory. Update to version 1.11.3: optimize the performance for high qps 6767 bump deps Fix zone parser error handling 6680 Add alternate option to forwar...
OPENSUSE-SU-2024:0319-1 Security update for coredns
This update for coredns fixes the following issues: Update to version 1.11.3: optimize the performance for high qps 6767 bump deps Fix zone parser error handling 6680 Add alternate option to forward plugin 6681 fix: plugin/file: return error when parsing the file fails 6699 fix:documentation...
Security update for caddy (moderate)
openSUSE Security Update: Security update for caddy Announcement ID: openSUSE-SU-2024:0220-1 Rating: moderate References: 1222468 Cross-References: CVE-2023-45142 CVE-2024-22189 CVSS scores: CVE-2023-45142 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-45142 SUSE: 7.5...
openSUSE Security Advisory (openSUSE-SU-2024:0211-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-22189 affecting package coredns for versions less than 1.11.1-2
CVE-2024-22189 affecting package coredns for versions less than 1.11.1-2. A patched version of the package is available...
CBL Mariner 2.0 Security Update: coredns (CVE-2024-22189)
The version of coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22189 advisory. - quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.42.0, an attacker can cause its...
CVE-2024-22189 affecting package coredns for versions less than 1.11.1-6
CVE-2024-22189 affecting package coredns for versions less than 1.11.1-6. A patched version of the package is available...
CVE-2024-22189 vulnerabilities
Vulnerabilities for packages: k3s, cloudflared, coredns, q, caddy...
CVE-2024-22189 vulnerabilities
Vulnerabilities for packages: caddy-fips, coredns, q, caddy, coredns-fips, cloudflared, k3s...
CVE-2024-22189
The CVE concerns quic-go prior to v0.42.0 where an attacker can cause memory exhaustion on the peer by flooding with NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is expected to reply with RETIRE_CONNECTION_ID frames for each retirement; an attacker can prevent most of the...