Lucene search
K

293 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday7 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday3 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday4 views

Important: Red Hat Security Advisory: skopeo security update

An update for skopeo is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday4 views

Important: Red Hat Security Advisory: buildah security, bug fix, and enhancement update

An update for buildah is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday4 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.7AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 3 days ago6 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS5.8AI score0.00651EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 5 days ago4 views

SUSE SLES12 Security Update : google-osconfig-agent (SUSE-SU-2026:2665-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2665-1 advisory. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...

10CVSS7.4AI score0.01557EPSS
Exploits1References44
OSV
OSV
added 6 days ago2 views

SUSE-SU-2026:2665-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260264. - CVE-2026-39821: Update golang.org/x/net/idna dependency bsc1266603. - CVE-2026-39827: Update...

10CVSS7.3AI score0.01557EPSS
Exploits1References26
OSV
OSV
added 2026/06/24 8:46 a.m.2 views

SUSE-SU-2026:2609-1 Security update for apptainer

This update for apptainer fixes the following issues - CVE-2026-24137: github.com/sigstore/sigstore/pkg/tuf: legacy TUF client allows for arbitrary file writes with target cache path traversal bsc1264177. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of...

10CVSS6.8AI score0.01557EPSS
Exploits1References27
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Oracle Linux 9 : podman (ELSA-2026-19173)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19173 advisory. - fixes CVE-2026-34986 go-jose: Go JOSE Denial of Service via crafted JWE Tenable has extracted the preceding description block directly from the Oracle Linux...

7.5CVSS6AI score0.00651EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 11:36 a.m.6 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.2AI score0.00651EPSS
Exploits0References6
OSV
OSV
added 2026/06/18 1:55 p.m.5 views

ROOT-APP-GOBINARY-CVE-2026-34986 CVE-2026-34986 in rootio-github.com/go-jose/go-jose/v4 - Patched by Root

Root has patched CVE-2026-34986 in the rootio-github.com/go-jose/go-jose/v4 package for Root:Go. Multiple fixed versions available...

7.5CVSS6.1AI score0.00651EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/15 7:47 p.m.9 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.5AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/11 1:57 p.m.8 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS7.5AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/11 1:56 p.m.12 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.9AI score0.00651EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/11 1:40 p.m.9 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

7.5CVSS6.9AI score0.00651EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.13 views

RHEL 9 : skopeo (RHSA-2026:25250)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25250 advisory. The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and...

10CVSS5.6AI score0.01945EPSS
Exploits3References12
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.8 views

RockyLinux 9 : osbuild-composer (RLSA-2026:22714)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22714 advisory. golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728 golang: net/url: Memory exhaustion in query...

10CVSS5.6AI score0.01945EPSS
Exploits3References21
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.14 views

RHEL 10 : osbuild-composer (RHSA-2026:22450)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22450 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building...

10CVSS5.7AI score0.01945EPSS
Exploits3References25
Rows per page
Query Builder