Lucene search
K

13 matches found

OSV
OSV
added 2026/06/18 3:47 p.m.5 views

ROOT-APP-GOBINARY-CVE-2025-22868 CVE-2025-22868 in rootio-golang.org/x/oauth2 - Patched by Root

Root has patched CVE-2025-22868 in the rootio-golang.org/x/oauth2 package for Root:Go. Multiple fixed versions available...

7.5CVSS6.2AI score0.00804EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in golang-golang-x-oauth2

An attacker can pass a maliciously malformed token, causing unexpected memory consumption during parsing...

7.5CVSS6.4AI score0.00804EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/30 2:15 p.m.6 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to Denial of Service (DoS) due to malformed token parsing in golang.org/x/oauth2 module (CVE-2025-22868)

Summary Potential vulnerabilities in golang.org/x/oauth2 module CVE-2025-22868 have been identified that may affect IBM Cloud Pak for Data Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during...

7.5CVSS7.3AI score0.00804EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2025/09/18 4:52 a.m.7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.60 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.60 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

7.5CVSS6.8AI score0.00856EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/07/23 5:11 p.m.5 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.55 bug fix and security update

Red Hat OpenShift Container Platform release 4.15.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

7.5CVSS6.7AI score0.00804EPSS
Exploits0References6
OSV
OSV
added 2025/07/18 5:27 p.m.2 views

GHSA-6V2P-P543-PHR9 golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

7.5CVSS9.3AI score0.00804EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/07/18 5:27 p.m.10 views

golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

7.5CVSS7.9AI score0.00804EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2025/06/20 9:40 a.m.2 views

SUSE-SU-2025:02040-1 Security update for ignition

This update for ignition fixes the following issues: - CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192...

7.5CVSS7.2AI score0.00804EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/13 1:53 p.m.4 views

golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws

A flaw was found in the golang.org/x/oauth2/jws package in the token parsing component. This vulnerability is made possible because of the use of strings.Splittoken, "." to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large...

7.5CVSS7.1AI score0.00804EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/03/27 3:0 p.m.5 views

golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws

A flaw was found in the golang.org/x/oauth2/jws package in the token parsing component. This vulnerability is made possible because of the use of strings.Splittoken, "." to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large...

7.5CVSS7.1AI score0.00804EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/02/26 8:14 a.m.8 views

CVE-2025-22868

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

7.5CVSS6.8AI score0.00804EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/02/26 3:7 a.m.29 views

CVE-2025-22868 Unexpected memory consumption during token parsing in golang.org/x/oauth2

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

0.00804EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 2:51 a.m.19 views

GO-2025-3488 Unexpected memory consumption during token parsing in golang.org/x/oauth2

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

7.5CVSS6.8AI score0.00804EPSS
Exploits0References2
Rows per page
Query Builder