Lucene search
K

4 matches found

OSV
OSV
added 2026/04/23 9:21 p.m.7 views

GHSA-PJCQ-XVWQ-HHPJ go-ntlmssp NTLM challenges can panic on malformed payloads

go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...

5.3CVSS5.8AI score0.01027EPSS
Exploits0References4
Snyk
Snyk
added 2022/05/24 4:44 p.m.1 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...

9.2CVSS7.1AI score0.01492EPSS
Exploits0References2
Snyk
Snyk
added 2022/05/24 4:44 p.m.1 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...

9.2CVSS7.1AI score0.01492EPSS
Exploits0References2
Snyk
Snyk
added 2022/05/24 4:44 p.m.1 views

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the rest.AnonymousClientConfig method that does not effectively clear service account credentials loaded using rest.InClusterConfig. An attacker can gain...

9.2CVSS7.1AI score0.01492EPSS
Exploits0References2
Rows per page
Query Builder