Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.37 views

Oracle Linux 8 : cri-o (ELSA-2024-12348)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12348 advisory. - Address CVE-2024-24786 cri-tools - Address CVE-2024-24786 etcd - Address protobuf CVE-2024-24786 - Address protobuf CVE-2024-24786 - Backport from...

8.6CVSS7.2AI score0.01262EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2024/04/26 12:0 a.m.33 views

cri-o security update

cri-o 1.26.4-2 - Address CVE-2024-24786 cri-tools 1.26.1-5 - Address CVE-2024-24786 etcd 3.5.10-3 - Address protobuf CVE-2024-24786 3.5.10-1 - Added Oracle specific build files istio 1.17.8-3 - Address protobuf CVE-2024-24786 - Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323,...

7.5CVSS7.4AI score0.01262EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/03/06 12:0 a.m.25 views

Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2024-034)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.27.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2024-034 advisory. Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happ...

8.6CVSS6.7AI score0.00751EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2024/02/14 9:34 p.m.27 views

CVE-2024-23327

A flaw was found in the Envoy proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the protocol block...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/02/09 10:41 p.m.17 views

CVE-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy

Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...

7.5CVSS7.9AI score0.00693EPSS
Exploits0References2
CVE
CVE
added 2024/02/09 10:41 p.m.95 views

CVE-2024-23327

CVE-2024-23327 affects Envoy: when PPv2 is enabled on a listener and a downstream cluster, the Envoy process can segfault while crafting the upstream PPv2 header if the downstream request uses a LOCAL command type and lacks a protocol block. This vulnerability is fixed in Envoy releases 1.29.1, 1...

7.5CVSS7.4AI score0.00693EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder